last executing test programs: 8.359385116s ago: executing program 1 (id=666): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x12, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x3}, @cb_func={0x18, 0xb, 0x4, 0x0, 0xfffffffffffffffd}, @printk={@llx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x9}}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff9}, @map_val={0x18, 0x6, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x69}]}, &(0x7f0000000100)='GPL\x00', 0x10001, 0x20, &(0x7f0000000140)=""/32, 0x41000, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x4, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x3, 0xe, 0xdd42, 0x8}, 0x10, 0x0, 0x0, 0x5, &(0x7f0000000200)=[0x1, 0x1, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x1, 0x1], &(0x7f0000000240)=[{0x4, 0x4, 0xe, 0x1}, {0x0, 0x4, 0x0, 0x7}, {0x2, 0x3, 0x6, 0x6}, {0x2, 0x2, 0x9, 0x5}, {0x2, 0x4, 0xf, 0x5}]}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000000)='ext4_nfs_commit_metadata\x00', r0}, 0x10) syz_open_dev$vim2m(&(0x7f00000003c0), 0x6b, 0x2) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000006c0)={0xffffffffffffffff, 0x0, 0x52, 0xe7, &(0x7f0000000400)="412ae5b59c19c648d57752700af33e9e63af7d3807d4949a124845ff25cff8275b87ef6268cba4c553fa5a8dd05e8ab91f6d6678300199f92dbdae25bed682889198f42897a31c16fc87b32d170026a558e7", &(0x7f0000000480)=""/231, 0x3, 0x0, 0x53, 0xa0, &(0x7f0000000580)="9b9dcc380b21ea5f3fb96aecb3a5dd598d2a17347f78423c760547b9d8b3501f5ae4ea42c708524fedcb49fb07b4de1496a75a0b8cdac2327bb3b9e3308928752e773179733336154e728d86ee47562fc1781e", &(0x7f0000000600)="dfd71f523d536cb7242c5a3b18185fea437d6a8218619b93936775f27a332c28071af43dc6f694f05e093887368ef072b5be1aa63b60beecf4c5afb80f1b447f0c4463ed0f9f4e832fa69f0c5c78ca460ffcbf4d16ec944c2ad2960311aa0fac42d6df6028f856dfeb0b11e1df399eac764a934c206f409205f235e61b22b540de4b178765fc2732ed9eb5f4cd972b8afc50d0f786a113f6781ca1bae896bc72", 0x2, 0x0, 0x8}, 0x4c) r1 = syz_open_dev$vivid(&(0x7f0000000740), 0x0, 0x2) ioctl$VIDIOC_QUERYBUF_DMABUF(r1, 0xc04c5609, &(0x7f0000000780)={0x8, 0x6, 0x4, 0x7a073, 0x200, {0x0, 0x2710}, {0x0, 0x1, 0x6, 0xff, 0x3, 0x4, "ccc3670c"}, 0x3, 0x4, {}, 0x8001}) r2 = openat$vcsu(0xffffff9c, &(0x7f0000000800), 0x14000, 0x0) r3 = openat$cgroup_ro(r2, &(0x7f0000000840)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x0, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r3, 0x800c6613, &(0x7f0000000880)=@v1={0x0, @aes128, 0x0, @desc4}) r4 = socket$pptp(0x18, 0x1, 0x2) setsockopt$SO_TIMESTAMP(r4, 0x1, 0x23, &(0x7f00000008c0)=0x80, 0x4) fcntl$notify(r3, 0x402, 0x9) ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r2, 0x8982, &(0x7f0000000900)={0x1, 'ip6gre0\x00', {}, 0x8}) ioctl$VT_GETSTATE(r3, 0x5603, &(0x7f0000000940)={0x4db, 0x9}) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0xe, &(0x7f00000009c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xef8b}, [@map_fd={0x18, 0x4, 0x1, 0x0, r3}, @alu={0x7, 0x0, 0xd, 0x4, 0x8, 0xffffffffffffffe0}, @btf_id={0x18, 0x5, 0x3, 0x0, 0x3}, @map_idx_val={0x18, 0x1, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x40}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2}, @map_idx={0x18, 0x8, 0x5, 0x0, 0x4}]}, &(0x7f0000000a40)='GPL\x00', 0x4bce, 0x4d, &(0x7f0000000a80)=""/77, 0x41100, 0x20, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000b00)={0x4, 0x4}, 0x8, 0x10, &(0x7f0000000b40)={0x0, 0xf, 0x5, 0x2}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000b80)=[r3, r3, r3, r3, r2, r2, r2, r3, r3], 0x0, 0x10, 0x7ff}, 0x90) r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000c80)={&(0x7f0000000980)='ext4_ext_rm_leaf\x00', r5}, 0x10) r7 = openat$vcsa(0xffffff9c, &(0x7f0000000cc0), 0x2000, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f0000000d40)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000d00), 0x13f, 0x6}}, 0x20) openat$rdma_cm(0xffffff9c, &(0x7f0000000d80), 0x2, 0x0) r8 = accept4$inet(r2, &(0x7f0000000dc0)={0x2, 0x0, @multicast1}, &(0x7f0000000e00)=0x10, 0x80000) sendmmsg$sock(r8, &(0x7f00000015c0)=[{{&(0x7f0000000e40)=@can, 0x80, &(0x7f0000001540)=[{&(0x7f0000000ec0)="546a550c74d1af9cb90966cee2014999cc0ae2ad466a3dcae9307ebf0fb685d2e08eac5fd9f30da499d86eddce1da6119feb52f5c0efdd61fc94e767b393141410c1c4809358334c8a480fcb2d1b37acd58386c13a72e4d62a07729cf844e61293d73c15a54e7420addd494e9aa7018f041da63526fb3a", 0x77}, {&(0x7f0000000f40)="3e04b76870c61ff136f105f59d522e59fdcc8e20758e5b8144f7a99789e401abb5bc6e83e0a55fa7f11603af04d48e1b94e9747631ae2ee9a0bd768e4e2deedfb4c1b25e7aaab62ec0cfe52baf3ddb68db5cc838d5b0a25ef440b44162c1d7fce5acc24689d3d04808cfd6cfbe25c7ce3a898d58fd77cb86f3135225e3f6a6938abfb787e811410d3be774c81a9cde57c97aaf68b7ad1df7088aa9926a42ef7cc679a9523a574da5e4e8a4afdff67aa1012b4a0492e3581ff6ce9256ae58ae42b6fd38bc9ce68a248b4f6b35b708cf97b3137416dcd45e17ba1ab4dad832cc94bcfdac6bf645fa74523100645b", 0xed}, {&(0x7f0000001040)="bf19fc5207f7fcfeecdec4f5e44c59bde8ffe8b2398f21f96e14a2f10f01334021739b4a7b8a83590a5821d92a5187aff099027931ec9b5945870d8b7c02256dc2680a0adfd95513703739d8932c970416c836ca25ddbd1697c585621c2c64b63f23311a2e973be2e4991b9d6b0507e6fe648d76be9acc78626c48ecc854ce7e554422a8641d3ddf1e0e0ca5d4d44a14a5112a701e453624fe022397ce93e298ea75969b5872f485873c2c7be417c0a1768c3553e154fe36d5ecf2b5a2f9d43638cfa8b1c024a373f8ce00e5bddc4d9731af05b8b67f1473b4d7fec43ed9954c0a3af491442b71fd89bf0ef748692a315d8bc48c8e303eb4232f", 0xfa}, {&(0x7f0000001140)="923c33629efff504c24fdd21989b3e2e44c778b9cfd08225e886a85dc5d1d29a7d25c89ab71d8ec4d87b74ee2f047f520c961aa7d406b05e8c4b48d99eb15525b599967a1db43a250770221a7ffaf262a70a980abbacf11c72b091291685aef9400ae153b070385929fa644bbec1bfbba819a3baf78ca2", 0x77}, {&(0x7f00000011c0)="71d4e98fb8ef9a5f05b38d850204191b11700b04d2d0c900843ac4c7024ec4c42ff622be117a62f0dffd19875c1e4c2ed6e2749071c4bc7396599cd411450ea1b5556c67dbb8bf809bfd3ec40a0483b3f3778a2e55777af6bae2fa153285916cab43cf9dbf0b85aa8820bf07032f8105088706fde2bbe56d1f0cc1c1dca28539ace5fd88289327c0f4", 0x89}, {&(0x7f0000001280)="7c3aac28473ecdc157a5660e03ac0bf13a4c526734c6c5477a34a9e6c9a404d362667d087c76ef1b802b48c0dcc6d274b9754efd06c45965bb8721a4492e1bebe384bda306638d788a88f24956942688aa80207bc3531ae355895ca1cab2060db4e818709c6fee0b69fb53fef2e13b63aac87a236978edafd1c1eee83b165641082d64a793caf6c3ba0a77494f9eb606b6efa07261987e9781d4f637c2ec45cea6dba3d835662ffb523e126706a734e3ac3adc63c69c67d6ad9e2972b2ba8bb702a981f1854f700ad3e1c0a67f008bb582a4d0fc165fbf76f6aa46f84cfe04a37a4fc2718bba50757293559950994b2f254866a6", 0xf4}, {&(0x7f0000001380)="9dcb769d7d5795a35d194e960ac0e912796d4054c83680e160d5d039e2fe34318264507a9c47d255bdb15ef0c66003c6aa055782401878a9bc8ae17af1bd5475b45a5ac094ca16ba63b8e5e64c86c6d251ad24b25201d5f3a87913c371c63550f1ef1cc425acf4931c8d6dd0fe9d5bef58129a50d45a998288329c6ec1ce6241c0a5e7201b99aafeca288343ef12997d6d02dd5809900f1d06a09479ac80317c4be86fa40dc36d53f12c", 0xaa}, {&(0x7f0000001440)="8ce19371fa28df8e417d9836eb198b34014becdef49248f3bab7186d3cd63440ae845d279255b8cd2da9472e985032f3c66ede29fa6d40c65a0c858db99cc0e16c22649247c0aaca3210c606f13e14f167ae7862efd58434976920a84d72763d89789b1b6288e934d7f469b4a328f04c602d50ee312dc1efc67545eb6559842c59886286fade46347e42e7874243cb9c0a30a186b58b010a61d77facec0ce78378c351586f3fc7e0a08cd897063d1e9332844efbe5d4e5a6ff0fc96fe3253c0bb093", 0xc2}], 0x8, &(0x7f0000001580)=[@mark={{0x10, 0x1, 0x24, 0x2}}], 0x10}}], 0x1, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000001600)={0x2710, 0x6, 0xeeef0000, 0x1000, &(0x7f0000fff000/0x1000)=nil}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000016c0)={{0x1, 0x1, 0x18, r6, {<r9=>0xee00, <r10=>0xffffffffffffffff}}, './file0\x00'}) ioctl$DRM_IOCTL_GET_CLIENT(r7, 0xc0186405, &(0x7f0000001700)={0xa, 0x1, {0xffffffffffffffff}, {<r11=>0xee00}, 0x1ff}) lstat(&(0x7f0000001740)='./file0\x00', &(0x7f0000001780)={0x0, 0x0, 0x0, 0x0, <r12=>0x0}) lstat(&(0x7f0000001800)='./file0\x00', &(0x7f0000001840)={0x0, 0x0, 0x0, 0x0, <r13=>0x0}) ioctl$NS_GET_OWNER_UID(r7, 0xb704, &(0x7f00000018c0)=<r14=>0x0) mount$fuse(0x0, &(0x7f0000001640)='./file0\x00', &(0x7f0000001680), 0x2011, &(0x7f0000001900)={{'fd', 0x3d, r8}, 0x2c, {'rootmode', 0x3d, 0xa000}, 0x2c, {'user_id', 0x3d, 0xee00}, 0x2c, {'group_id', 0x3d, r10}, 0x2c, {[{@allow_other}, {@max_read={'max_read', 0x3d, 0x8}}], [{@euid_eq={'euid', 0x3d, r11}}, {@permit_directio}, {@dont_measure}, {@uid_eq={'uid', 0x3d, r12}}, {@fowner_lt={'fowner<', r13}}, {@smackfsfloor={'smackfsfloor', 0x3d, 'ext4_nfs_commit_metadata\x00'}}, {@uid_lt={'uid<', r14}}, {@dont_hash}]}}) listxattr(&(0x7f0000001a80)='./file0\x00', &(0x7f0000001ac0)=""/215, 0xd7) quotactl_fd$Q_QUOTAOFF(0xffffffffffffffff, 0xffffffff80000300, r9, 0x0) 8.130605184s ago: executing program 1 (id=669): socket$nl_netfilter(0x10, 0x3, 0xc) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) syz_open_dev$evdev(&(0x7f0000000000), 0xc0, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000280), 0x6) write(r0, &(0x7f0000000340)="05000000", 0x4) getsockopt$bt_BT_DEFER_SETUP(0xffffffffffffffff, 0x112, 0x4, 0x0, &(0x7f0000000100)) r1 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e20}, 0x1c) r2 = accept4$netrom(0xffffffffffffffff, &(0x7f0000000680)={{0x3, @netrom}, [@rose, @netrom, @rose, @bcast, @null, @default, @netrom, @null]}, &(0x7f00000003c0)=0x48, 0x800) r3 = dup2(r2, 0xffffffffffffffff) listen(r1, 0x80080400) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="2b000000b7f781fdb7823e4e8c5e14b2ff1e0e0300a5e9148a84e5cd55be8efb1b786542fad12b6052392e8dc5fb762c0b235c902b352ff32c8b4517f5e44abc1edde8545c9feb6b54", @ANYRES16=0x0, @ANYBLOB="000000000000000000003900000008000300", @ANYRES32=0x0, @ANYBLOB="0c005a800800018004000200"], 0x28}}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c0000003b0007010000000000000000047c00000400000014000180060006000806000008"], 0x2c}}, 0x0) r5 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r5, &(0x7f0000e5c000)={0x2, 0x4e20, @remote}, 0x10) getsockopt$inet_int(r5, 0x10d, 0x15, &(0x7f0000000000), &(0x7f0000000080)=0x4) openat$uinput(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f0000000540)=0x200, 0x4) r6 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0) cachestat(r6, &(0x7f00000005c0)={0x998e, 0x2}, &(0x7f0000000600), 0x0) pipe2(&(0x7f0000000040), 0x0) ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f00000004c0)={[{0x8, 0x2, 0x6, 0x3, 0x1, 0x5, 0x7, 0x0, 0x0, 0x5, 0x5, 0x5b, 0x6}, {0x7, 0x6, 0x10, 0x0, 0x3f, 0x2, 0xf9, 0xf0, 0x3, 0xd6, 0x8, 0x0, 0x3}, {0x3, 0x10, 0x0, 0x94, 0x6, 0x2, 0x40, 0x5, 0x4, 0xf, 0x40, 0x3}], 0x1000}) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="2400000000000000000000000000000000000000106e70757400"/36], 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x0) capset(0x0, &(0x7f0000000040)) r7 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) fremovexattr(r7, &(0x7f0000000080)=@known='trusted.overlay.redirect\x00') sendmsg$DEVLINK_CMD_RATE_NEW(0xffffffffffffffff, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000400)=ANY=[@ANYBLOB="040e0c00031000d8570ee6d75c"], 0xf) 7.774573927s ago: executing program 1 (id=671): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000080000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) syz_usb_connect(0x0, 0x2d, &(0x7f00000003c0)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578ac0109029c000100000400090400bf900b64ea0009058703"], 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_BASE(r2, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f}) r3 = userfaultfd(0x80001) ioctl$UFFDIO_API(r3, 0xc018aa3f, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000002340)={'wlan0\x00'}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r4, &(0x7f0000002640)={0x0, 0x0, 0x0}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000740)) ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000680)=0x40) socket$nl_generic(0x10, 0x3, 0x10) syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB="041816aaaaaaaaaa103395f9d846821098c6fb9d"], 0x1a) r6 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r1) sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="1400", @ANYRES16=r6], 0x14}}, 0x0) 7.302229972s ago: executing program 3 (id=672): madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x8501f4c9cce688f6) syz_kvm_setup_cpu$x86(r0, r1, &(0x7f0000e12000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000040)="c74424006cb301a9c74424025fd10000c7442406000000000f0114246443de0b41a800460fc73da7950000c401f817783036f2400f0864f3460f35430f7918c4c1f9c5d40f673e460f01df", 0x4b}], 0x1, 0x0, &(0x7f0000000140)=[@efer={0x2, 0xc800}, @vmwrite={0x8, 0x0, 0x11, 0x0, 0x3, 0x0, 0x1, 0x0, 0x5}], 0x2) r2 = gettid() process_vm_writev(r2, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f00000000c0)=[{&(0x7f0000217f28)=""/217, 0xd9}], 0x1, 0x0) mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil) r3 = open(&(0x7f0000000180)='./bus\x00', 0x14d27e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0, 0x4002011, r3, 0x0) mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2) 7.017763442s ago: executing program 3 (id=673): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000600)=@newtaction={0x6c, 0x30, 0xb, 0x0, 0x0, {}, [{0x58, 0x1, [@m_ct={0x54, 0x1, 0x0, 0x0, {{0x7}, {0x2c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x0, 0x3}}, @TCA_CT_NAT_PORT_MIN={0x6}, @TCA_CT_ACTION={0x6, 0x3, 0x19}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0}) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8800}, 0x48) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x3}, 0x48) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r7}, 0x10) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r8, r3, 0x25, 0x1, @void}, 0x10) syz_emit_ethernet(0x22, &(0x7f0000000100)={@broadcast, @local, @val={@void}, {@can={0xc, {{}, 0x0, 0x0, 0x0, 0x0, "534ead40a3537293"}}}}, 0x0) r9 = syz_open_dev$vbi(&(0x7f0000000040), 0x1, 0x2) pselect6(0x40, &(0x7f0000000040)={0xc, 0x200000000000000}, 0x0, 0x0, 0x0, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(r9, 0x4020565a, &(0x7f0000000180)={0x3, 0x98f904, 0x1}) r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000200095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x90) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) r11 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x0) syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$TIOCGPTPEER(r11, 0x90000915, 0x0) ioctl$TIOCL_GETKMSGREDIRECT(r11, 0x541c, &(0x7f00000000c0)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000001000)='sched_switch\x00', r10}, 0x10) socket$kcm(0x2, 0x200000000000001, 0x106) 6.498510223s ago: executing program 3 (id=675): openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) r0 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendto$inet_nvme_icreq_pdu(r0, &(0x7f0000000000)={{0x0, 0xa, 0x80, 0x6}, 0x0, 0x0, 0x0, 0x7fff}, 0x80, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r4 = dup(r3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r4, 0x0) preadv2(r3, &(0x7f00000006c0)=[{&(0x7f0000000600)=""/166, 0xa6}], 0x1, 0xc14, 0x9, 0x8) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r6 = dup(r5) ioctl$KVM_SET_MSRS(r6, 0xc008ae88, &(0x7f0000000180)=ANY=[]) r7 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r7, 0x84, 0x72, &(0x7f00000000c0)={0x0, 0x0, 0x30}, 0xc) bind$inet6(r7, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r7, &(0x7f0000000180)="1a", 0x1, 0x0, &(0x7f00000004c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_elf64(r7, &(0x7f0000000380)=ANY=[], 0x2df) syz_usb_connect(0x2, 0x5f, &(0x7f0000000240)={{0x12, 0x1, 0x0, 0xd0, 0x3d, 0x79, 0x40, 0x12d1, 0x641b, 0xbee7, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x4d, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x6c, 0x2, 0x0, 0xff, 0x1, 0x14, 0x0, [@uac_as={[@format_type_i_discrete={0xe, 0x24, 0x2, 0x1, 0x7f, 0x1, 0x7, 0xf, "b9c749eef5be"}, @as_header={0x7, 0x24, 0x1, 0x1, 0x43, 0x1002}]}, @uac_control={{0xa, 0x24, 0x1, 0x1, 0x10}, [@extension_unit={0x9, 0x24, 0x8, 0x1, 0xffff, 0x1, "e6a5"}, @feature_unit={0x7, 0x24, 0x6, 0x5, 0x4, 0x0, [], 0x4}, @extension_unit={0x8, 0x24, 0x8, 0x1, 0x6d, 0xc8, '3'}, @selector_unit={0x5, 0x24, 0x5, 0x1, 0x9}]}]}}]}}]}}, 0x0) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r7, 0x84, 0x72, &(0x7f0000001f40), 0xc) sendmmsg$inet6(r7, &(0x7f0000000400)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)='4', 0x1}], 0x1}}], 0x1, 0x0) sendto$inet6(r7, &(0x7f0000000c80)="7cffa9061b2f8b082b6f69ae50430c8a8b6aa3162ba083c4a52e1ab0ac50ed4a19b1a69988300d5bed4433daaa4932dbb1cb3550dee8b23579d76ce37d574b43fca1eed8ebd38d1303240ed0d84517692128dd5aef5c4d60a6659952a1437c6f0ac3ed75806011ccbaa504f41a7e0abcf8823bc4a71ef8c52c2b297b539eaf752c56ebfe9b0542543069257dafcbf76c958d4cbf4eaaa67c5c2bd9e6518be34b56add7613ab83d389724b664e62c154e1a5aac073a53a0e8cadcf51ef495ebbcc77d5e36ff24c3f282289cc077374b714e08fbfecbdc8f14ef3fd409af4caf6fcb7d663beab335f239a1e93b399c93d7c036e1b39a7c477945f82b6dde53b1c21b590a58ba688ac4fb530d2c5b1195a127d2eaec840ab59f090d7047c278611e080cebe7b28588c11a44be99fe6f88c73441bf625b70565669997f4c3cda5afe1d6429908a69a459d35ba8c2f28076d8711f2667de749a783fac94ebd02680f20fb723c35c287a1f45064846385750665ffa74579083fbb1b1d6b7c90168252b1c5313544569203e7adb8e271a94f7413e5cfd6aa3157c4fc29bddba3683fcd032aecb513b2f27530fbefa0000000000000003c058e812d8db87de5e3eceae268b91f7d59daf77646fa4df99877dd5a9540934c7af91b96486eea62897be6acbe1bae8e46b112f1385e7cea9e4daccc6f1b98ce3b4322af8299a45ddcb5be8d3e469fdde9896ca324a2f3c88c616a7dccde331698ce2d39f96220251011b4dfbec953b5c30e94adb5586cec0af234859805bb7df1101ae80318ff127e913178d79cfa918d54585b6184255e872e2dc33a5c7c30a756bbd63c32a3e6a22863781747d185acb64583976c4289394d642b07d18e2932d0a78bd2ccf92b3e94e82f1e9239fa272402f4c9efcf068709a44d6f652a4f23df89f9a15e6bf0c7e65d8f3e32c35e83d30298074d16cb5ff4ded1df81009bbae888fceb9a8109ba319605e1776e52d2069b5cd7de07cf8dc488ba6a9c7559ff49674a490991f323736f302004007d0ccf2e5eaceac6b56f48f2b00592d7a378f118d8b3e5ecd2035c8252374c91bc79cf26ac11ddffe2c09e1aa032da0713732387f950e3f4e301eb1d26e5a2b19318e50d555c832e279894d8c9b03e8940738c0fe391b29907d0d5f9214d6e697a19247f4e8221aca2ac47debd7c45b8344941cbecbaf44af343b24a4f88caf207d72002fb8b7d156997cb7275f535e6a9d6480046246e60bea0cf6f54abc69ff9418b6cb9301eb6890227215b633a886fb13c89698e51e482c42ca99613b20e22e5ce15272f5bda8b18cf53d49130a94135dd8a9692c", 0x34000, 0x0, 0x0, 0x0) 6.200309456s ago: executing program 1 (id=676): r0 = openat$dsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0x109801, 0x0) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x34324152}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000c0000000000000300000040c201802c0004001400010002000000ac1414aa000002000000e000000200000000000000000d0001007564703a73747a320000000056aabeb83602a01e8173f9a1b04e24963963cf77f108744c353349ba0f8f45ebcd296df8fa7f9d924327153b0c5361409b2aee3248dedd8fcf6c1356bc02455d5d6eb0ed1d18f4ba8556320ee27c67b4fbfd3617417f154bbd6f76930c7c"], 0x54}}, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r4 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r4, 0x0, 0x4) sendmsg$inet(0xffffffffffffffff, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000062c0)=[{{&(0x7f0000000500)=@phonet, 0x80, 0x0}, 0xfff}, {{0x0, 0x0, &(0x7f0000006180)=[{&(0x7f0000004f80)=""/46, 0x2e}, {0x0}], 0x2}, 0x5}], 0x2, 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x301100, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000080)=0x74000000) io_uring_enter(0xffffffffffffffff, 0x2def, 0x4000, 0x0, 0x0, 0x0) write$dsp(r0, &(0x7f0000002000)='`', 0x88020) r5 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x80383, 0x0) ioctl$SNDCTL_SEQ_PANIC(r5, 0x5100) readv(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f00000001c0)=""/187, 0xbb}, {0x0}], 0x2) 5.794374361s ago: executing program 2 (id=677): bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x2}, 0x48) ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wg0\x00'}) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000540)=@newtaction={0xea8, 0x30, 0x25, 0x0, 0x0, {}, [{0xe94, 0x1, [@m_pedit={0xe90, 0x1, 0x0, 0x0, {{0xa}, {0xe64, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x3}, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x4}, {}, {0x0, 0x0, 0x1000000}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3b}, {}, {}, {}, {0x1ff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {0x0, 0x0, 0x0, 0x9e6f}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x7}, {0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x10000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x8001}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}]}}, @TCA_PEDIT_KEYS_EX={0x40, 0x5, 0x0, 0x1, [{0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}, {0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}, {0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}]}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xea8}}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x4, 0x8, 0x6}, 0x48) io_setup(0x401, &(0x7f00000004c0)) socket$nl_route(0x10, 0x3, 0x0) syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) syz_open_dev$mouse(&(0x7f00000000c0), 0x9, 0x232440) syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0) openat$mice(0xffffffffffffff9c, &(0x7f0000000180), 0x0) timerfd_create(0x0, 0x0) r1 = getpid() r2 = syz_pidfd_open(r1, 0x0) r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$uinput_user_dev(r3, &(0x7f0000000400)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x95], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffffe]}, 0x45c) ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x2) ioctl$UI_SET_RELBIT(r3, 0x40045566, 0x8) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000080)={0x0, 0x2, 0x7ff, 0x1, r1}) ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x1) ioctl$UI_DEV_SETUP(r3, 0x5501, 0x0) openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x0) close_range(r2, 0xffffffffffffffff, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fdinfo/3\x00') read$FUSE(r4, &(0x7f0000000400)={0x2020}, 0x2020) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) 5.270805202s ago: executing program 0 (id=678): r0 = socket(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) r2 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r2) getsockname$packet(r2, &(0x7f0000000080)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB='\x00\x00\x00\x00'], 0x3c}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}}}]}, 0x78}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x7}, {}, {0x7, 0xfff1}}, [@filter_kind_options=@f_basic={{0xa}, {0x14, 0x2, [@TCA_BASIC_POLICE={0x10, 0x4, [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x7}]}]}}]}, 0x44}}, 0x0) (fail_nth: 1) 5.03259965s ago: executing program 0 (id=679): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000200)={0x26, 'hash\x00', 0x0, 0x0, 'crct10dif-pclmul\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) r2 = syz_open_procfs$userns(0x0, &(0x7f00000004c0)) ioctl$NS_GET_OWNER_UID(r2, 0xb704, &(0x7f0000000580)) syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) syz_open_dev$vim2m(&(0x7f00000001c0), 0x0, 0x2) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f00000000c0)={{0x0, 0x8}, {0x0, 0x989680}}, 0x0) r3 = socket$alg(0x26, 0x5, 0x0) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000300), 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000000700)=[{{0x0, 0x0, &(0x7f0000000340)}}], 0x1, 0x0, 0x0) pipe2$9p(0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/route\x00') read$FUSE(r4, &(0x7f0000007700)={0x2020, 0x0, 0x0, 0x0, <r5=>0x0}, 0x2020) setresgid(r5, 0xffffffffffffffff, 0xffffffffffffffff) sendmmsg$inet6(r1, &(0x7f0000004340)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000001c0)='4', 0x1}, {&(0x7f00000002c0)="b94852de052a1dcd7f8ccf709cd7b380", 0x10}], 0x2}}], 0x1, 0x0) 4.904573837s ago: executing program 2 (id=680): r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x700, &(0x7f0000000300)={&(0x7f0000000480)=ANY=[@ANYBLOB="2c000000210001050000fcffffff000002000000050025c4f9ff00"], 0x2c}}, 0x0) 4.826350296s ago: executing program 2 (id=681): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000002c0)='sample_threshold\x00', r0}, 0x10) capset(0x0, &(0x7f0000000040)) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x4, &(0x7f00000000c0)={<r4=>0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r3, &(0x7f0000000140)={0x15, 0x110, 0xfa00, {r4, 0x0, 0x30, 0x30, 0x0, @in6={0x1b, 0x0, 0x0, @empty, 0x9}, @ib={0x1b, 0x0, 0x0, {"0e000000000000000000000004000001"}}}}, 0x118) writev(r2, &(0x7f0000000300), 0x0) r5 = syz_open_dev$cec(&(0x7f0000000040), 0x0, 0x0) ioctl$CEC_ADAP_S_LOG_ADDRS(r5, 0xc05c6104, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x90) bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}}, 0x1c) listen(0xffffffffffffffff, 0x8) socket$inet6_tcp(0xa, 0x1, 0x0) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40043, 0x0) ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r7 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)=[<r8=>0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r7, 0xc05064a7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)=[<r9=>0x0], &(0x7f0000000040), 0x0, 0x1, 0x0, 0x0, r8}) ioctl$DRM_IOCTL_MODE_SETPROPERTY(r7, 0xc01064ab, &(0x7f0000000040)={0x0, r9, r8}) socket$kcm(0x2, 0xd, 0x2) r10 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x54, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x8}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x0}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}]}, 0x54}}, 0x0) gettid() timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0) 4.008131792s ago: executing program 0 (id=682): sched_setaffinity(0x0, 0xfffffffffffffe58, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) readv(0xffffffffffffffff, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x18, "000080f100df000000a7d9de16c708db7200"}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee3, 0x8031, 0xffffffffffffffff, 0x0) r1 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) r2 = fsmount(r1, 0x0, 0x81) fchdir(r2) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) mlock2(&(0x7f0000018000/0x2000)=nil, 0x2000, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000300)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000002c0)='contention_end\x00', r3}, 0x10) socket$kcm(0x2b, 0x1, 0x0) r4 = socket(0x10, 0x3, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'morus1280\x00'}, 0x58) r5 = socket$key(0xf, 0x3, 0x2) r6 = socket(0xf, 0x3, 0x2) write(r6, &(0x7f0000a97ff0)="020baf010200000000067bbc8e1d4b48", 0x10) sendmsg$key(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="020b00e50200000000236e6f402875b945c80100"/29], 0x10}}, 0x0) r7 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) bind$bt_hci(r7, &(0x7f0000000000)={0x27}, 0x62) listen(r7, 0x0) epoll_create(0x4) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r4, &(0x7f0000000180)={0xa0000015}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) 3.507294833s ago: executing program 2 (id=683): syz_open_dev$ttys(0xc, 0x2, 0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) mkdir(0x0, 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0) mknodat(0xffffffffffffffff, 0x0, 0x0, 0x0) chdir(0x0) r1 = openat$vicodec0(0xffffff9c, &(0x7f0000001bc0), 0x2, 0x0) ioctl$VIDIOC_G_EXT_CTRLS(r1, 0xc0185647, &(0x7f0000002380)={0xa00000, 0x3ff, 0x5476, r1, 0x0, &(0x7f0000002340)={0x50009, 0xc, '\x00', @string=0x0}}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = add_key$keyring(&(0x7f0000000740), &(0x7f0000000780)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) pipe2(&(0x7f0000000e40)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0) keyctl$KEYCTL_WATCH_KEY(0x20, r3, r4, 0x0) openat$vimc2(0xffffff9c, &(0x7f0000000000), 0x2, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r5, &(0x7f0000000500)={0xa, 0x2, 0x0, @empty}, 0x1c) listen(r5, 0x0) shutdown(r2, 0x1) setsockopt$inet6_tcp_int(r2, 0x6, 0x2000000000000022, &(0x7f0000000040)=0x1, 0x4) sendto$inet6(r2, &(0x7f0000000080)="ae95e80e8a95a8823f4b2b94a131fd7a32df0edc4d5c5d8d601e0d018829e979eb04a041f86d096fa7fb623eb39879a33e949757108db5a0342db11ffe3e6f32e9419c9b041c1688b0f687387b098eeacd0e8b86189e15a3af07c1c6", 0x5c, 0x24000002, &(0x7f0000b63fe4)={0xa, 0x4e21}, 0x1c) 3.374072975s ago: executing program 3 (id=684): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000080000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) syz_usb_connect(0x0, 0x2d, &(0x7f00000003c0)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578ac0109029c000100000400090400bf900b64ea0009058703"], 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_BASE(r2, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f}) r3 = userfaultfd(0x80001) ioctl$UFFDIO_API(r3, 0xc018aa3f, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000002340)={'wlan0\x00'}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r4, &(0x7f0000002640)={0x0, 0x0, 0x0}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000740)) ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000680)=0x40) socket$nl_generic(0x10, 0x3, 0x10) syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB="041816aaaaaaaaaa103395f9d846821098c6fb9d"], 0x1a) r6 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r1) sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000", @ANYRES16=r6], 0x14}}, 0x0) 2.492936084s ago: executing program 2 (id=685): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000600)=@newtaction={0x6c, 0x30, 0xb, 0x0, 0x0, {}, [{0x58, 0x1, [@m_ct={0x54, 0x1, 0x0, 0x0, {{0x7}, {0x2c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x0, 0x3}}, @TCA_CT_NAT_PORT_MIN={0x6}, @TCA_CT_ACTION={0x6, 0x3, 0x19}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0}) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8800}, 0x48) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x3}, 0x48) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r7}, 0x10) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r8, r3, 0x25, 0x1, @void}, 0x10) syz_emit_ethernet(0x22, &(0x7f0000000100)={@broadcast, @local, @val={@void}, {@can={0xc, {{}, 0x0, 0x0, 0x0, 0x0, "534ead40a3537293"}}}}, 0x0) r9 = syz_open_dev$vbi(&(0x7f0000000040), 0x1, 0x2) pselect6(0x40, &(0x7f0000000040)={0xc, 0x200000000000000}, 0x0, 0x0, 0x0, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(r9, 0x4020565a, &(0x7f0000000180)={0x3, 0x98f904, 0x1}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000200095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x90) r10 = socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r10, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r11, @ANYBLOB="010000000074575af3ab0d8d3c72"], 0x14}}, 0x0) r12 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x0) syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$TIOCGPTPEER(r12, 0x90000915, 0x0) ioctl$TIOCL_GETKMSGREDIRECT(r12, 0x541c, &(0x7f00000000c0)) socket$kcm(0x2, 0x200000000000001, 0x106) 1.454149639s ago: executing program 2 (id=686): ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$KVM_SET_NESTED_STATE(0xffffffffffffffff, 0x4080aebf, 0x0) r1 = openat$proc_capi20ncci(0xffffff9c, &(0x7f0000000000), 0x1a1841, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0), 0x0) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000704000/0x4000)=nil, 0x4000}}) openat$vimc1(0xffffff9c, 0x0, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000d80)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c03406910927c6b0b55b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831b538dfd8e012e79578e51bc5af65ff7ae735ffc8191a9bb0a83099e90f4580d760551b5b342f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c41146dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea086e95767d42b4e54861d0227dbfd2e6d28715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c62fd5d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2ef0ae4f390a8337841cef386e22cc2200000000000001ff9682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e2331d01ce99a069694124d37cef099ece729aa218f9f44ad06a223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adeb8fc500404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ffa3c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe4a3ced846891180604b6dd2499d16d7d9158ffffff069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99ff987900040000009feb121c49e07dbed4894ee7f8249dbae3428d2129ecfce1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39e00213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd9205218ee0200e2ff08644fb94c06003dc39050f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e906049fe86e09c58e273cd905deb28c13c1ed1c9cae846b03008cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f891fab9d3f2e82c5f6fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935000000009c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b4749c28eb5167e9936ed327fb237a56224e49d9ea956d1798571b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecf743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be182724d95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd0403a099f32468f1561f058960d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f281e6bad1e5aa6d901c279eb156c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b4c6936531effce7115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cd082027c641ec4355eb4acff90756d1a1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8cc3fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b402bbab76fbb9d8a917df5b2e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128ab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380b3e365f84a3e5b116ae3e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627aaefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a00000000000000000000000000000000000000faff0000bab50bc8508a9644d3e7c328b0ff22035c8073f8d5f0e3da7339fc81d4ab3ef2857ef70a81d8a1628da28c942571880e22df7cabae56d5ff5e483c4a6e9b3f9dbd7f538a80b00f97e47895b3201c5126feca0888956a7d76ef45af7d87b308117a9ea24dcda2bc42cf20942c31268a400a221d7b1622585094e9dd83c7f4acdd7f5c23d8b730bf03118261edada8b8487a3b1b7548a420cc91f12bf70bb1df3bfe7d4b92ad6fcbf401efd6eb004cf20016ad8d1dad136dd856ffca238b39482811f9c8524bf182f1956a3d044423927df28880bbd11c06407220df8e1d1d483d947d990dc1a170200a63a83ab25a0040b641959ad3e776b4bb4852fea12983dc18b7404914a6137dc4a78f1e0d331c60a9019c21698cd18753491df962f496f2395563e9c3d7b1228d0e488cf7e50a29541aa757f2e2ee9ff4433d65db0de5a123d569e39dce481156cbec584c9a32a8e3b032fa003192c891d83119bc950abac9147b47800acd9a207b5ceb7e8ed1d91c000000000000000000000000000000141258373281153fa27e586ea82650f070d8851ac9e7acb37a6479d4017b5b5af3ff4c91235df4f657d77e386a329aec4d766369c86b62b01ceb028c901d99eced99b46b43016b9f5351a45a8cb4ea110ba700000000000000883416b6eff6a793c71deb7d780c4f51d86ece127c0714144916f397d398ad2fe72b710b932c15c2369cb5d2d2f6ae420672c4a626195a891ac51825077fbc286aa3866bbf18a4a8b836ea8c90af0d5f0aff55b50bc18c27875ed2628b91224b7fa91811ccd7c1b1a92bac529df90000000000000000000000004000301b5557b674a86db8c4bfd58ff30000000000000000000000e8f1ed2ea68b0569be17bd73c0633ed4acaaef9e9f7d21998f55b71b26af7e284b1cc4685d740a9d106380dd8cb78f9d9c8cf59b155bc569ddd3098417286bec31896306410a60acadb0f3fb44d30b82986b792635155fa3d562d3aa09452cbb201b0dfed6412837bc2237acf7ca5997ee1898541f4a1c4031e240ccc80ee8fad036ce04409c4630821b8b99be5a3f72afc458f8417544014a67ae4ad31b15c8e13c9f0cdee4abefd0ed28a4a55dd992a748008822d05f13b1a8112d7f41e3bf28bcc1b0963798bed4e0db07d0574016276aa28a86eb33d20a5d58f58201edcef1253b02aac4c74427322ec24809bb059c41db9ee1c3e728c76c5ade17df0a7fc74229ea1a525ee42e8eac3675cb18d6c06748e93179c382f331dde2eea7eab2da71c2ea7086c0c71b6e3d837fdfdc1a5285c471b11eb3311a9f7459a57f7174d000000000000000000000000000000000000000000000008c6987f5d91d640fe5d83d4489b382fe3d3e49c23dcee2af69ba44ab575f354ed026cbf37acc05331084088093fa14152ee6d861dc27a69a9a563c0feb8b27fb7d4586b35a6f181793d5b73e231e7a2d1a6f564a06adc348b9a1c1017f908f99e136b04a0d"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) r2 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0xa, 0x0, 0x4, 0xff, 0x20, 0x1}, 0x48) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r3, 0x89f7, &(0x7f0000000580)={'sit0\x00', &(0x7f00000004c0)={@private=0xa010102, 0x0, 0x0, 0x70, 0x0, [{}, {@initdev}, {@initdev}, {@local}, {}, {@remote}, {@broadcast}]}}) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='pids.current\x00', 0x275a, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r4, 0xc0189372, &(0x7f0000000380)={{0x1, 0x1, 0x18, r2, {0x2}}, './file0\x00'}) r5 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x9004}, 0x4) syz_emit_ethernet(0xfdef, &(0x7f0000000c00)=ANY=[@ANYBLOB="bbbbbbbbbbbbaa8aaaaaaa00080045000014000000020000907800000002e000000289c649d98a7b858f589b72e842a04f615d8b043d262677a09e65c95c1af4b2482a32edcdeb5c5dfa0af47bbd401fb729c2faaebc7ab782b9c909a6c780e55d8abdc0bef5358bd15f5e9f3f46885b7ca165ca28a7d1d17db566ecd0c62b3832b46b37ccf892a731a1e8f188e750684707e9d8dda5b6dbd8562bbbb9916bf9100485fe6a2962c81c73087e4feec654e508024808c9202f28113599f431e026bf9dbe7cf612a853a58e8f14785f883554bd41c3cae0d149598ff8622a39460900801e41152b81dae6220b5ea60bb50e0dcb2a2acd5c8e24ac66"], 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)=@newtaction={0x84, 0x30, 0x1, 0x0, 0x0, {0x7a}, [{0x70, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x8, 0x0, 0x0, 0x0, 0x0, 0x80000002}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xce}, 0x0, 0x0, 0x1}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x0, 0x2}}}}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x800}, 0x0) bind$rds(r1, &(0x7f0000000300)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x37}}, 0x10) r7 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r7) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000001ac0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 970.053054ms ago: executing program 1 (id=687): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(aes-aesni)\x00'}, 0x58) syz_open_dev$dri(&(0x7f0000000100), 0x0, 0x0) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0xb989) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r2, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0) syz_open_dev$sndctrl(&(0x7f0000001280), 0x0, 0x0) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x2, 0x2172, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/rt_cache\x00') r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$SNDCTL_SEQ_OUTOFBAND(r4, 0x40085112, &(0x7f0000000040)=@generic) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='contention_end\x00', r3}, 0x10) sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="00010000", @ANYRES16, @ANYBLOB], 0x1c}}, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_ADD(r2, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x1c, 0x0, 0x8, 0x70bd28, 0x25dfdbfc, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x1}]}, 0x1c}}, 0xbaa481130a5d687d) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000080)={'ip6tnl0\x00', &(0x7f0000000000)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @private0}}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'veth0_virt_wifi\x00'}) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8b28, &(0x7f0000000000)={'wlan1\x00'}) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0) write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f0000000080)={0x13, 0x10, 0xfa00, {&(0x7f0000000480), 0xffffffffffffffff, 0x1}}, 0x18) writev(r1, &(0x7f0000000000)=[{&(0x7f0000000080), 0x62}, {&(0x7f0000000100)="16000000246837f73199aee6fdb9291b3091ec1a2d41d227975ad8ec030f5919f397867997f9c0efa9c9092a31cdbb98ea272787afda0af59a320709c3a59ef05c6f40ceafec53f48d6186e7d8409e35306221caf67b370d875eff3191932728e5ab6c9a3acf6ccee3e352c898f5744abaedfb53f92c37acb126bd143f3e9cdfcf25a8d6129fcc3a141c3f5ab6db772f87c787817a9b699dd60732d952716b103bc1e91ac5b1ed92f35389580994bb0df9bce07e7a80921888f984139f488d256a67fec0cbb5c4e93d5c151d97f676ab93b1efbd46f600dc964231e3257bf358448fddf894c0cdfa9115adbe5b19bc912fcbc8aac7719b649b1ff1267491da", 0x682c}, {&(0x7f0000001480)="d1ffacd516de50ac9d15bc75316da4defa1e72f65a65cdd26dcc389aacf7856da9aecf3765d4c032e1960faf25bad906b7d3440b6e71a82f1d8f8b8db35b6091f3af94c6b46b9ab10fe3923f268771078d2668be7bd3eb941d4bb5baa8547e36283a065ce5766cbff3a8fc37fc4507643d3786bbf231d3ed88cb8b01eab14e4372cf4f89bd1b853caa5d9f07f523b9dfa8cc09053ff36fde08e96fb6b3acc196b1bd1e2d3a6c65f585df7e2b8b17439a7ab29a7dfe642c2f0ac7a81eca8073b559663f2daf7a0832b2b09557794a21bf114831f8e6db3922d0cd169e5a8b4adc95d7322ee75944de15f57780b88fef7f3d9b256705ccfa2125b43ce8e3aacaead963cdd7f792f14c9b24493f9f830f6de8da93bbd4357095631adec14224dd9bb049e826f3a49624393e6a031103faff0902ba88ae30af4a61caa77ff956214196fcf3c5536d823284306f367afcb46fb43231911cc53091671e7d853ebf015241b18e9fb6ac6d9a7a1b05dfd6d9e56a51567cd8837dd045abf6b85550f0dd8dded43147ab9bfadc18b9984699d5d875cb21a95a7f584d8c466d033df75193f9ae58b85cfacc54f6c6e12a0debe40ee361a839563bc2cb64271672a55370c2b035b482074ce2487ef8a3bc1c68856e6e09539276d961a0c647f1ee3237496fc99623e8fd33faf7797d86a88dcee152d15e10739bcbbd6077b76867e291f350d999024c12faf81f83792f48f7f6dd66aa6854e460ef7f8c755f3a6dd76509ea0d2db39057a5129185b2fb11546cd5d6cc59f640e9028ae6c7075fba5e5b5593d7f79ec387833f465d09bde464112821eaec5e6e8f2aee8d7358f9c14afe2018856f610848706c71cda62493aef2e39efb71b4a8e804847eda66b2b5b1d75b478f19208ee1ac43afb2dbbba5dd0f29f6946022e09fb853cb176ca3474ba2fa67cb245fe85ec61a095d6fd9ac2ac5685920201617342fe56072427b9bd3626a1a371e67041fcda781be0c234d6feb5ad500e8bc7074381fd0d04983a4a6cdb6c8e03d59dc50925e9e4b24e6f8e455f02818959f2927f0a2d9ff62ec3c5c399077048f7d3dad0830b2e6563693f2f9d48eca8c34804a7626282a4a214d13786993c011a88194dbf7b23e25f592e62186c9fb565fac7632de356153c89a6be0b6b26ba48c2427424769fcbd7ee072ed4bd4d0731d06c8537d616b1145a6c70edb13fb4dba3565221b3a2897a23861cd0e8e0060021cdd7de002d5e785e5d6d3d07f4e445ada9c8d9ba8b819d0b5c7b5d15a5192d3a83c125c8e117c823a9e33316b8c9154e7330d3a865048dbd9c14757691bfe56f10423f6ab717bec5eebeac6ba9ad1aeb6cde09d7fda8e475a71ac48d46b8d9a40879c9dec2db5c4799e5fc8e8b3d419031c1033fce88ae2c93d7ca62c9302e6b45ca8dfebe5b92724f035e8e9d7704efb23f445999fe08cfa28404874d8acc8d37870d394d9fcc8dbe763bc85c37f0f3bcc2cbea420cd073db598e7d89c14a31e5bf57cbefa301427c93091505f1f3e5cdf712958b2e8fc56684d3388107c1728f0e5a3be2164246071653e256ed3bf3000c17301da9a5a3d9ca475867c4f311a24e5ae909a62047a9e6bb71cbcb4f159c2ef0f66b4d0f9da51aba99cd9448443dd277362af18d32f111c48a952ef555b2c7c58b997ce61e74cc7551b57eaffe411219baddf490926d8e260dcd87c069e617195c352950f9b51ce88c12c4f7997ba515f77e68d44f831cdf4d7ee8b1b7cedcb4c4fc7e85ba288c8555d49d5b4b9bb70dc4b688bd12e6b38e37150f3ea457a76b23d5abe6551ea598e090aed87822b0954b8db1a7c605c925b7f9240b0e7a020f292a1fd4a37c74139bc6e7ff08373ebfc8feea371ae0b6c61c715f6f1f4b0b994c7e2e129f87db959aae6ff48664d824b29ba9f255890f9c537178db9c5302097891557f8175a46f308b1a2530aa726ea9d4cfce76db50637369724d0c5f51c97edb58ff5eb9b2434b3721b61688ba12471b97c6a65ba085e15406568ac852590701f2ef8451c5cf1191d70f51eaea9ddc4cbdd7428f627db5069111f65062d5cc34581826af3e670613dda99e31c42736aabd87be56e214ed606862a152455f91891b7430bae03284569c234588f495a5ecc4a23fad6ba34e2ee9ebde8c7f5f62c9344659375c2a1fe6fa6e4ef68712223b9471c513bb11429dbb8a45463c8882f462275ee0da567c60c2d8038843e0c20486676e9978f2aec9187820c94a6e7e519d06daf2ab198f5cafcab4d9c90a479800906192d66a3301a34fa6c5a931cea0a479a4d98d86d9de3e061323504b57186dd33df7a16ccb688c0de203666cb0a6b543a9d069dded44a3b432cbb71da921dcab6be1c2d7494d3b07841d9b4f9d659b5d3d3b2ed916f91588d589128e4b2d4448e6aab5a8160eddca0f6e022abb85e251a11cd6bae57a09b2c434ab5bdf6264afb20d5ab022d152e345bd32ba9283aa5b3cd9118bd271a8ac9083c98b8a83064e65428f7ad7b35bf1d60d4e703f22d2d316fc12bd68bcced82cf0962a3d5769c6a3d75d59f7a7b76454661fd3574b8c8e26d20c372407854505ea6c2406fbd8a1ba7bb017c565228aa6d03d18ed309a308ffb1ecec73c246413e7c70f25070eafed9e70d22e9e8b44125c44eceff37e65bf073bc6fad1ea2b72675af4bf70586a8f7e0f35700de94c802522897576ed115fa21b3d23a367844520b33f5b9aedc0245096765f4cb3b2ff4e54f39bd7346c2347875d75a931b17c6c424ddb4767e0e63cc7725a8fc4b1dbe7929b2f909cc5be8b09e63330341e6471dcac0f8b44693d01805a1467b71612260e2a273861b3697440a5f75497796bffcf79d62a4a50a6ed5ef2efe8c83374f2ecd08d8d628aa03b01a11caeb2bdecc0ab2abcecfa15627979d7c3f9dec5389fc6625e957f8075e23e636dd5514596189d568e14d33ae518e6e9978c6a36a74b49fdbd1260095c9abe447e618878039b75e305b1d2c9ddeb9e5cedb11802e0833739d8595d57d749c890c9290cca4aa96e6718747543796a187e54a66c2f71beefddf911a7a74b59c48ba642d5ecd4d415f48dfbde5baac8a4ba063c1b985d9f9f3180e8a1c8b2cf6a25c2ff17688cc858ac8b9c67960f09a1ca5f28f8e877159e00fe7fb10cca73b391508895e7e52c22f9b38d73dabd6ff7c55ebf4e1611daee8d52b4ceee49a6df7daeb81bf9d1c943a74c03d3dda52c5b99f3225c1b87074f5cef6187878bc5b665ec0561adcc9781280dd1c6592555d327afea78b21beeeb66a0af3eab3249245f41cdbca309d3fba5d4b345319dd0a26134c0c896f2c8d32fda28600013f6a4c95b4038faba70d6c480b360c55bdc0595f7ca636e85521ba505d894f9c5f0a90719bc9944f386ad7491422ff12f34a3c048708d51305a8cc5b2a502ac1575a14c75e9fb7219ede2f6d9c1b362230b6189e0d8cd8ccd11fd0325182c6e46c9977bf63aa02f7024aeb4389f989f5733a198b45e4329c4c1a538a009f216ad3ac09cac39547b4fd21a5d7146ea307ad9b9339f39d5161d17b59860a0aed38cd89d1b68c6438346d51a3a283074e34ee01d2eca527b1b3836ccdf7e807007152c79d14324e3d887c9551a9447527db4434810f5b0b73d855f32a0c89aa784e43f4c1657d408dd33f88aeae1e5186bbcc2a348b708e3cec9080e12ee3676beb5ee86a9b5cc4a3496c242b95a248906ed62f984b22373bdfd97515441f34e01006d8d1244aa88403f207cd8820ffe07634fc86d00f871c1e4c9e8fc1a00d295e36d98119599b62379cda10ada85efe7b50c5f38d8d010a2cd53db900939db1ffce14feffb7940d12842f4f2b507e1fa49e526752d1e3d80a0c2a75e870d85f77fd91fc46ac1b1288dd33338cdad154d6b80b5a925431868d62a3fb0036f28fe259a3f555f767526a9ea230c33843efc49ac3182a357845ea122d606ab22c9f937b2b905e02dd1cb07d380e3486be6167f00b6e6d90a3c1d6aee15da439a55542ce177e498998ba8ac69a848e63e4c7564e4dc04aad595fa1ab81275edafa0d352029c304200d2f2c5881cbf5a26b2141bdb117879cc11e7c13bd62f221ae1ac04dca3d8d58a13c130557ecf5f36184c7366d3852d0cbd6ca42f2a971d87c0bb204097af1a3abdab7b95d07fcdbf5f42607695dedcd26e30b8fc5cfd7b333a95f3ee69d5ba7911dadb1394285c437a0f26fc027737ba5ee7d63333f80acb59f1a7faf2ec3031c6533107502bffc92d8726a48ce00cdb5f1258d85ff8eb72bfb162e122022f1f3e8a72b41d2689d5228b1130fbc946384401f3bbe726314bb09d430333ad78de07b3cec5c18a4f4abb69507b6451ca4e610b8fc988c983426e0cc3b9d15393026eb75d3d08634b8a7495cef69aab83d27ea1b5b41f40b996dd10023d81f77d61192930ffc25cae1e149412322fcb0aa47bee3afc44ec3dda96c9294854e2cbaebfea6f9a90f0b3797d5f505824b4de964151569f881f87f9dd9d30a2a2f9ed01059a909cba157902903c77f2f3d056231e7c7483a3f35e04360e084f0d3f94a92c92c77b3f06479fbc417366d7fe87ddfcdfd86274f87a5f817b0f947924cbe2329f16f6b00c8a0ab96164f7b35fed38a388380af05c3600abc37a944c9e75a691728c26896ac3615297766f406aeb0f2fd147d68fad3fb3b032880280ebb4bf89252a36b0d9eb393daae72829b8da870b886676244897d5322b32703fcf138b66eedeb3024666a88fd99d8962f696ab7b34e19ced1bd27488aa2ffe5bfa11f8f9289bd8c052d4e88316cc33b0255ef1bfca4c17067d7f78175c56db481fe8dc6f73b1cbdf9d5823f115c9e03f2dfd07bc1ad88564d48b18cd9a30d83cbd5e6a3eedcb0ee86e5dd47f32820cb74dcf730b2052b31297b529e5e24f042335d13915e4048132fe1a101841e919c7870bb680eddead9a6111394bc12e274fbd88abaf2d254721c42e82abf4d1e319a631794ed6ce319ddd844ac5e9b1fc96dd9aaad42f2e087abe1b85430c4a00631970e3e74a6ed923f49e0df75685e044fae3fcea0af4dbfeebe0a9c2e73e8a89b89603a75f585e3ebba5453ae595da1469ea90ea3c9fb6a22411c56c58dfbf504caa629dbfc73ebbedc91669f2babf8b8215c525edf8feb366f104ffa9eb2bb79232660aece4730ef1ae8585c629ffe1390356a58e900da145b83ad177c7bb2d125e59d7ff4d3a8562efc620b4cf9b33c2305bbf1957e0f8b06f0fbe9c80db73b08fdd0be4a1ea4f91f52af47160040424aed8ac3c10251fb0b5d9be08247edf3dda5d1750d0597d60c8a0d9418a4e0c9325bb90f0886f9e5dda9e88ac1942ec1e53da0cf5ccad66b9cdfc2fdca784dd06a73713ef73785706d024873ddca5ccfcf0b91748a2c1fbd8c241934b5b473007b29d76aec5addf7b945a5f7abd6ddeccc8d0ccb26d69d4793b7224c27ba7bf45aac8a2be56086ab8c65ea69fdd593a01a29e2912378002d824bd98e6ed1c5dd5f33be529e640997f5f1bbde051fb2a669145966db4889bf32aa13777ac6c077c51bb8b2523954cea3adc307cfe53b8cbb00edf0c04c456392aea6613e8078a309dc538a6a24f80fc1b7f9fce3e3291ca6dab8090a634fcdb24e7a9de8aecd595b988f597cd623d148a8841b0a5203953166ea2e85316928f28dd2604d37c9ec80a49c0d91cbfe6d584b9b6a321b97bf99ae1d67985fd441976a828c97456003a7892c7c7f4a51bb49e3d3ea1e95ec29c89a2676", 0x1001}], 0x3) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0xc, 0xa031, 0xffffffffffffffff, 0x0) madvise(&(0x7f00007fe000/0x800000)=nil, 0x800000, 0x19) mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000fff000/0x1000)=nil) 349.182144ms ago: executing program 0 (id=688): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="c000000010000504000000000000000000000000a5b65a1ad4bbf4824311eebbfcd8b72dc9525bee17553fb19b9a5ce8ba550b68968b4b3dbb5b53718b28ae7559a41e413038dcac2237ad72a5cbff3f6d6456a334add5eb10d63557f117d9ff1135", @ANYRES32=0x0, @ANYBLOB="0000000000000000200012800b00010065727370616e000010000280050016000800000004001200"], 0x40}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001640)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x9}, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x9}, {}, {}, {}, {}, {}, {0x2000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xfff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x7fff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x7fffffff}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00') pread64(r2, &(0x7f000001a240)=""/102400, 0x19000, 0x100008) ioctl$TIOCSCTTY(r2, 0x540e, 0x81) 264.154134ms ago: executing program 0 (id=689): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000280), r0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_NODE_GET(r0, &(0x7f0000000400)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000003c0)={&(0x7f00000005c0)={0x164, r1, 0x200, 0x70bd29, 0x25dfdbfd, {}, [@TIPC_NLA_NODE={0x150, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_REKEYING={0x3, 0x6, 0x3ff}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x3e, 0x4, {'gcm(aes)\x00', 0x16, "a5c2ceb329f0cdf4330543b1c794e74cca32b4632358"}}, @TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "51c26aa0735c734da07c80b40b53720831a7dae4"}}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ID={0xbd, 0x3, "379fded748fad207200dcec6cafacc249620ca6a53b68cddda8f7c5a5ddd0ca286b8f359e3ffa3aa4b66a9b3f4db45279f8d97d63f259ffc6d3fb9153401671da5c78831cd613792c1bd01515702fdcfd4787cde270fb4515083a3a35b0e3009d5df76b77363cf90b33e98beec1e0d3c86761199fcf181a1aea0e1278608bf9c161bb5bedf830c1c3a58e12bad2ce335c1434c44cdc2d498af59bb621249563015822eaf112142361aeae34217169b451bb4ca80c25c64e668"}]}]}, 0x164}, 0x1, 0x0, 0x0, 0x10}, 0x4001) sendmsg(r0, &(0x7f0000001780)={&(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x4e24, @empty}, 0x3, 0x2, 0x2}}, 0x80, &(0x7f0000000240)=[{&(0x7f00000001c0)="007d2747e00fa87eb22654ade93ae07ca8000000006930eaf3e53c1ad8000000", 0x20}, {&(0x7f0000000140)="88cd039931009c568d62ad31f78c49c2e42002eb2c43819050d5ea000704cb2c6bf695df58375491bb91c88b85598173cea2000b8acc49c1e88c63ec0d6d106ac27caf495acb2449cc4e4b6970b690fc9983a67db6b3b13e9ced791ae35a7c828c", 0x61}, {&(0x7f0000000200)="03f5010e", 0x4}], 0x3, &(0x7f0000001880)=ANY=[@ANYRESOCT=0x0], 0x1544}, 0x4040140) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000017c0)=ANY=[@ANYBLOB="140000002400090000283600000000000300000079f6d66820e92542870109dd2442f20f8b6660e6eca51b0203aba09eb238be8af1677ef7eb514526da5860d60652d99c1c6e73ee05ca62c17fc22f0439c602a27e606a07822e0dc4298c37b5330dc97ced2b08965bb3fd40236eaaaf926a64c07dcf95ac98bceaaaee6114b31bb3d3782d88d13a22a3"], 0x14}}, 0x0) 199.544062ms ago: executing program 3 (id=690): madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r0 = gettid() process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f00000000c0)=[{&(0x7f0000217f28)=""/217, 0xd9}], 0x1, 0x0) mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil) r1 = open(&(0x7f0000000180)='./bus\x00', 0x14d27e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3f00, 0x4002011, r1, 0x0) mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2) 199.094019ms ago: executing program 0 (id=691): r0 = getpid() r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x0) close(r2) ioperm(0x0, 0xf1, 0x7) r3 = fsopen(&(0x7f0000000000)='devtmpfs\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(r3, 0x6, 0x0, 0x0, 0x0) syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) ioctl$DRM_IOCTL_GET_CAP(r2, 0xc010640c, &(0x7f00000004c0)={0x11}) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000007000000b7030000000000008500000072000000850000002300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r4, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x4c) read(r1, &(0x7f0000000080)=""/1, 0x1) write$cgroup_pid(r1, &(0x7f00000000c0)=r0, 0x12) close(r1) openat(r1, &(0x7f0000000000)='./cgroup/cgroup.procs\x00', 0x5f9742, 0x9e) openat(0xffffffffffffffff, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup.cpu/cpuset.cpus\x00', 0x2, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000400)={0x0, 0xfffffff0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="24000000760009eeffffffffffffff0400000000", @ANYRES32=0x0, @ANYBLOB="04000d80080005"], 0x24}, 0x1, 0x5502000000000000}, 0x0) pwritev(r5, &(0x7f0000000480)=[{&(0x7f0000000500)="a1dc3e7e762fa0e31083bb5c44e6e6878ef80629891230f998ff2d3d787dee8289355d7e005364d47d3afab14c58ca666f116a36d089f1d1842667554d9ce10b2a80a1d3094ea3bfb1baed7df9a5485a5b3eebedc6b9e39716c588c9ba", 0x5d}, {&(0x7f0000000580)="a6a228f956b86744832292273511966b16fd9bbb6c5ed658165940531a5029690bfbf9b0abc1c83de5d224e0fbfd68e5556397c8c69cdc85389241778442939d760673eb364deb7d32d3947010736f897e814c2cdc72073b23d3a5fe252f8d75a3c94f22165125af7ec2aa01ec2fa60f9121b9f3280b6779de8e82a14b2e57a554684bfe68faa5f8ccc666373a4a3f22dbc4301896c8354891eceecfc3a8f1c6f5afcc38403867c60851c0496895985ee8b5c2fec5a5c221d92d50ba4fba03a5c6ad17583b2fb04c496373ccf5c86fc8f147275c82fe26", 0xd7}, {&(0x7f0000000740)="48121a5ecc1edcdd28fcf53d24c6d4eb3bb1d889fb661f6d6bd27ba3d4c185bcee4fb4904a39760fb6509138b9ac76b380f8ba6d5872c38e116b40e1c7b0f35f27a7201d6f6439e373815c911facb1874bc17020b51d6920e7bec00b9a3d81b6a7baa2d251e1cab89e8788df49fded9fb4b33700d9b43e6905430333608ac2ead45c6c3aec5e4f9770ff3c508a", 0x8d}, {&(0x7f0000000800)="18923af5c7ff50ee1a1b3c2d7fd158c6d37fae685ee2e2ebd0667ab695e07122fd18cb038524a862245b51743d97461d1fe2fc0e7018b00a9a9f035c7815ab3584c6ad54eeb2f4e65095529daba338f414a85920ab92601c71a7f7c88cee072ee9ed03a28b84a90036dc49ba8f9918c227796e61ac54dc4ce69d435eece1021b87e54440bd33369b17d9317c393f63c13251aba4f1f875a8f045eaed117300eb84df75a319440a4d62a4d218dd995d512ce09d0af4f10c63cb4c", 0xba}], 0x200000000000004a, 0x6, 0xffff97bb) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/cgroup.procs\x00', 0x2, 0x0) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_CAP_SPLIT_IRQCHIP(r7, 0x4068aea3, &(0x7f0000000380)) sendmsg$nl_route(0xffffffffffffffff, &(0x7f000009de00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000700)=ANY=[@ANYBLOB="2c0000006800552ff539e04b8ba4fd9d22000000000000000000000000000000b1e900000000001400020000"], 0x2c}}, 0x0) syz_open_dev$MSR(&(0x7f0000000000), 0x7, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c614b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffd4a}, 0x41) eventfd(0x0) socket$nl_sock_diag(0x10, 0x3, 0x4) 75.08992ms ago: executing program 1 (id=692): r0 = syz_open_dev$vim2m(&(0x7f0000000040), 0x0, 0x2) socket(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18010000000020e6ffffff00000f000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) r2 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0) ioctl$NBD_SET_SIZE_BLOCKS(r2, 0xab07, 0xb) r3 = syz_open_dev$ndb(&(0x7f00000001c0), 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff}) ioctl$NBD_SET_SOCK(r3, 0xab00, r4) ioctl$NBD_DO_IT(r3, 0xab03) ioctl$NBD_CLEAR_SOCK(r2, 0xab04) syz_open_dev$ndb(&(0x7f00000002c0), 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0) semget(0x1, 0x0, 0x4cc) open(0x0, 0x400141042, 0x0) semget(0x3, 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) semctl$IPC_RMID(0x0, 0x0, 0x0) semget(0x1, 0x3, 0x204) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x6, 0x2, 0x4}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000100)={&(0x7f0000000080)=[0x0], 0x1, 0x80000, 0x0, <r5=>0xffffffffffffffff}) r6 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r6, &(0x7f0000000280)={0x18, 0x2, {0x0, @private=0xa010104}}, 0x1e) connect$pptp(r6, &(0x7f0000000080)={0x18, 0x2, {0x3, @dev={0xac, 0x14, 0x14, 0x19}}}, 0x1e) sendmsg$IPSET_CMD_HEADER(r5, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB="300000000c06050000003d00000000000300000205000100070000df9f0002007309000000e10000050001ff06000000"], 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x40) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc0445609, &(0x7f0000000180)=@mmap={0x6, 0x2, 0x4, 0x0, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "e90bc2f9"}}) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_GET(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="0f00000001080300000000020000000003000001"], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x240488d0) 0s ago: executing program 3 (id=693): syz_open_procfs(0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="180000000000000000000000000000009500"], &(0x7f0000002240)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) socket$nl_route(0x10, 0x3, 0x0) r1 = socket$kcm(0x10, 0x2, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r3=>0x0}) socket$inet6(0xa, 0x2, 0x0) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000008c0)=ANY=[@ANYBLOB="2000000010000104faffffff000000e200004800", @ANYRES32=r3, @ANYBLOB='&'], 0x20}}, 0x0) sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0) (fail_nth: 7) read$FUSE(0xffffffffffffffff, 0x0, 0x0) kernel console output (not intermixed with test programs): 6655] __ia32_sys_bpf+0x76/0xe0 [ 216.162036][ T6655] __do_fast_syscall_32+0x73/0x120 [ 216.164248][ T6655] do_fast_syscall_32+0x32/0x80 [ 216.166340][ T6655] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 216.169064][ T6655] RIP: 0023:0xf7f14579 [ 216.170787][ T6655] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 216.178848][ T6655] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 216.182232][ T6655] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000600 [ 216.185554][ T6655] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000 [ 216.188923][ T6655] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 216.192203][ T6655] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 216.195125][ T6655] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 216.198037][ T6655] </TASK> [ 216.566107][ T6664] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available [ 216.968454][ T5357] Bluetooth: hci5: command 0x0406 tx timeout [ 217.138666][ T5851] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 217.313326][ T6677] xt_NFQUEUE: number of total queues is 0 [ 217.318472][ T5851] usb 5-1: Using ep0 maxpacket: 32 [ 217.356506][ T5851] usb 5-1: config index 0 descriptor too short (expected 156, got 27) [ 217.360505][ T5851] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 217.365088][ T5851] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 217.400452][ T5851] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid wMaxPacketSize 0 [ 217.411322][ T5851] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 217.417646][ T5851] usb 5-1: config 0 interface 0 has no altsetting 0 [ 217.434701][ T5851] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 217.438657][ T5851] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 217.442461][ T5851] usb 5-1: Product: syz [ 217.444227][ T5851] usb 5-1: Manufacturer: syz [ 217.446125][ T5851] usb 5-1: SerialNumber: syz [ 217.455260][ T5851] usb 5-1: config 0 descriptor?? [ 217.463045][ T5851] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 217.481656][ T5851] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 217.772195][ T6671] ldusb 5-1:0.0: Couldn't submit interrupt_in_urb -90 [ 217.827046][ T5851] usb 5-1: USB disconnect, device number 5 [ 217.831295][ T5851] ldusb 5-1:0.0: LD USB Device #0 now disconnected [ 218.469935][ T6683] MTD: Attempt to mount non-MTD device "/dev/nbd1" [ 218.474784][ T6683] syz.1.288: attempt to access beyond end of device [ 218.474784][ T6683] nbd1: rw=0, sector=0, nr_sectors = 2 limit=0 [ 218.553656][ T6691] netlink: 48 bytes leftover after parsing attributes in process `syz.0.291'. [ 218.557343][ T6691] netlink: 24 bytes leftover after parsing attributes in process `syz.0.291'. [ 218.699889][ T6694] netlink: 8 bytes leftover after parsing attributes in process `syz.0.291'. [ 218.703245][ T6694] netlink: 8 bytes leftover after parsing attributes in process `syz.0.291'. [ 219.008402][ C0] vkms_vblank_simulate: vblank timer overrun [ 219.029900][ T5362] Bluetooth: hci11: Controller not accepting commands anymore: ncmd = 0 [ 219.034465][ T5362] Bluetooth: hci11: Injecting HCI hardware error event [ 219.042918][ T5357] Bluetooth: hci11: hardware error 0x00 [ 220.139146][ T6714] netlink: 24 bytes leftover after parsing attributes in process `syz.1.296'. [ 220.481077][ T5362] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 220.485065][ T5362] Bluetooth: hci4: Injecting HCI hardware error event [ 220.489987][ T5362] Bluetooth: hci4: hardware error 0x00 [ 221.019555][ T5366] Bluetooth: hci4: unexpected event for opcode 0x0406 [ 221.029198][ T6722] capability: warning: `syz.0.298' uses 32-bit capabilities (legacy support in use) [ 221.197711][ T5366] Bluetooth: hci3: unexpected event 0x06 length: 23 > 3 [ 221.228558][ T5357] Bluetooth: hci11: Opcode 0x0c03 failed: -110 [ 221.547180][ T6731] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available [ 222.548617][ T5362] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 222.558592][ T5362] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 222.563339][ T5362] Bluetooth: hci3: Injecting HCI hardware error event [ 222.567340][ T5362] Bluetooth: hci3: hardware error 0x00 [ 222.808730][ C0] vkms_vblank_simulate: vblank timer overrun [ 223.029031][ C0] vkms_vblank_simulate: vblank timer overrun [ 223.083225][ C0] vkms_vblank_simulate: vblank timer overrun [ 223.228431][ C0] vkms_vblank_simulate: vblank timer overrun [ 224.630968][ T5362] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 224.774250][ C0] vkms_vblank_simulate: vblank timer overrun [ 224.856434][ T6761] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available [ 225.039968][ C0] vkms_vblank_simulate: vblank timer overrun [ 225.385642][ C0] vkms_vblank_simulate: vblank timer overrun [ 225.642130][ C0] vkms_vblank_simulate: vblank timer overrun [ 225.692825][ C0] vkms_vblank_simulate: vblank timer overrun [ 225.735795][ C0] vkms_vblank_simulate: vblank timer overrun [ 227.006925][ T6772] netlink: 48 bytes leftover after parsing attributes in process `syz.0.315'. [ 227.033795][ T6772] netlink: 24 bytes leftover after parsing attributes in process `syz.0.315'. [ 227.206871][ T6775] netlink: 8 bytes leftover after parsing attributes in process `syz.0.315'. [ 227.220584][ T6775] netlink: 8 bytes leftover after parsing attributes in process `syz.0.315'. [ 228.224978][ T6789] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available [ 228.569031][ T5362] Bluetooth: hci10: Controller not accepting commands anymore: ncmd = 0 [ 228.573500][ T5362] Bluetooth: hci10: Injecting HCI hardware error event [ 228.610891][ T5362] Bluetooth: hci10: hardware error 0x00 [ 228.777427][ T6799] ======================================================= [ 228.777427][ T6799] WARNING: The mand mount option has been deprecated and [ 228.777427][ T6799] and is ignored by this kernel. Remove the mand [ 228.777427][ T6799] option from the mount to silence this warning. [ 228.777427][ T6799] ======================================================= [ 230.376178][ C0] vkms_vblank_simulate: vblank timer overrun [ 230.448789][ C0] vkms_vblank_simulate: vblank timer overrun [ 230.594025][ C0] vkms_vblank_simulate: vblank timer overrun [ 230.812829][ C0] vkms_vblank_simulate: vblank timer overrun [ 230.817844][ T5362] Bluetooth: hci10: Opcode 0x0c03 failed: -110 [ 230.977137][ C0] vkms_vblank_simulate: vblank timer overrun [ 231.120072][ C0] vkms_vblank_simulate: vblank timer overrun [ 231.158828][ C0] vkms_vblank_simulate: vblank timer overrun [ 231.598524][ C0] vkms_vblank_simulate: vblank timer overrun [ 231.836832][ C0] vkms_vblank_simulate: vblank timer overrun [ 231.940404][ C0] vkms_vblank_simulate: vblank timer overrun [ 232.077652][ C0] vkms_vblank_simulate: vblank timer overrun [ 232.111531][ C0] vkms_vblank_simulate: vblank timer overrun [ 232.228450][ C0] vkms_vblank_simulate: vblank timer overrun [ 232.311173][ C0] vkms_vblank_simulate: vblank timer overrun [ 232.408373][ C0] vkms_vblank_simulate: vblank timer overrun [ 232.498771][ C0] vkms_vblank_simulate: vblank timer overrun [ 232.553606][ C0] vkms_vblank_simulate: vblank timer overrun [ 232.608402][ C0] vkms_vblank_simulate: vblank timer overrun [ 234.045448][ T6831] bridge_slave_0: left allmulticast mode [ 234.050496][ T6831] bridge_slave_0: left promiscuous mode [ 234.054502][ T6831] bridge0: port 1(bridge_slave_0) entered disabled state [ 234.064563][ T6831] bridge_slave_1: left allmulticast mode [ 234.066893][ T6831] bridge_slave_1: left promiscuous mode [ 234.072275][ T6831] bridge0: port 2(bridge_slave_1) entered disabled state [ 234.083293][ T6831] bond0: (slave bond_slave_0): Releasing backup interface [ 234.101088][ T6831] bond0: (slave bond_slave_1): Releasing backup interface [ 234.132543][ T6831] team0: Port device team_slave_0 removed [ 234.144581][ T6831] team0: Port device team_slave_1 removed [ 234.147945][ T6831] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 234.152801][ T6831] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 234.157727][ T6831] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 234.161308][ T6831] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 235.230766][ T57] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 235.408355][ T57] usb 8-1: Using ep0 maxpacket: 8 [ 235.413222][ T57] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 235.428385][ T57] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 235.432184][ T57] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 235.449135][ T57] usb 8-1: config 0 descriptor?? [ 235.719981][ T57] iowarrior 8-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 235.981244][ T6852] Illegal XDP return value 4294967274 on prog (id 70) dev N/A, expect packet loss! [ 236.434498][ T5896] usb 8-1: USB disconnect, device number 5 [ 236.439628][ T5896] iowarrior 8-1:0.0: I/O-Warror #0 now disconnected [ 237.830939][ T59] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 238.029517][ T59] usb 8-1: config index 0 descriptor too short (expected 23569, got 27) [ 238.033289][ T59] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 238.046228][ T59] usb 8-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 238.050573][ T59] usb 8-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 238.054747][ T59] usb 8-1: Manufacturer: syz [ 238.059297][ T59] usb 8-1: config 0 descriptor?? [ 238.158533][ T59] rc_core: IR keymap rc-hauppauge not found [ 238.161563][ T59] Registered IR keymap rc-empty [ 238.168218][ T59] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0 [ 238.180806][ T59] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0/input7 [ 238.360849][ T6871] ptrace attach of "/syz-executor exec"[6874] was attempted by "/syz-executor exec"[6871] [ 238.360896][ T39] kauditd_printk_skb: 1 callbacks suppressed [ 238.360909][ T39] audit: type=1400 audit(1725780163.024:33): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=6870 comm="syz.3.342" [ 238.584879][ T59] usb 8-1: USB disconnect, device number 6 [ 239.250761][ T6881] block nbd3: NBD_DISCONNECT [ 239.254580][ T6881] block nbd3: Disconnected due to user request. [ 239.266783][ T6881] block nbd3: shutting down sockets [ 240.703499][ T6897] evm: overlay not supported [ 240.708189][ T6897] Invalid ELF header magic: != ELF [ 240.711015][ T39] audit: type=1804 audit(1725780165.364:34): pid=6897 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.348" name="/newroot/77/bus/bus" dev="overlay" ino=453 res=1 errno=0 [ 240.873817][ T6899] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available [ 241.210608][ T6903] FAULT_INJECTION: forcing a failure. [ 241.210608][ T6903] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 241.233731][ T6903] CPU: 2 UID: 0 PID: 6903 Comm: syz.3.351 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0 [ 241.238551][ T6903] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 241.244812][ T6903] Call Trace: [ 241.246241][ T6903] <TASK> [ 241.247662][ T6903] dump_stack_lvl+0x16c/0x1f0 [ 241.249657][ T6903] should_fail_ex+0x497/0x5b0 [ 241.251713][ T6903] _copy_to_user+0x30/0xc0 [ 241.253605][ T6903] simple_read_from_buffer+0xd0/0x160 [ 241.256012][ T6903] proc_fail_nth_read+0x19e/0x280 [ 241.258152][ T6903] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 241.260685][ T6903] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 241.262997][ T6903] vfs_read+0x1d4/0xbd0 [ 241.264887][ T6903] ? __fdget_pos+0xeb/0x180 [ 241.266828][ T6903] ? __pfx_vfs_read+0x10/0x10 [ 241.268823][ T6903] ? __pfx___mutex_lock+0x10/0x10 [ 241.270995][ T6903] ? __fget_files+0x256/0x400 [ 241.272977][ T6903] ksys_read+0x12f/0x260 [ 241.274899][ T6903] ? __pfx_ksys_read+0x10/0x10 [ 241.276903][ T6903] __do_fast_syscall_32+0x73/0x120 [ 241.279043][ T6903] do_fast_syscall_32+0x32/0x80 [ 241.281045][ T6903] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 241.283685][ T6903] RIP: 0023:0xf73de579 [ 241.285406][ T6903] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 241.293599][ T6903] RSP: 002b:00000000f56d65a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 241.297125][ T6903] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f56d6620 [ 241.300400][ T6903] RDX: 000000000000000f RSI: 00000000f73cfff4 RDI: 0000000000000000 [ 241.303692][ T6903] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 241.307236][ T6903] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 241.311277][ T6903] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 241.314628][ T6903] </TASK> [ 242.612235][ T59] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 242.798438][ T59] usb 6-1: Using ep0 maxpacket: 16 [ 242.803758][ T59] usb 6-1: config 0 has no interfaces? [ 242.807195][ T59] usb 6-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00 [ 242.813534][ T59] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 242.827540][ T59] usb 6-1: config 0 descriptor?? [ 243.281951][ T6918] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 243.309208][ T6918] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 244.070943][ T6937] FAULT_INJECTION: forcing a failure. [ 244.070943][ T6937] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 244.080068][ T6937] CPU: 3 UID: 0 PID: 6937 Comm: syz.0.358 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0 [ 244.085460][ T6937] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 244.090203][ T6937] Call Trace: [ 244.091770][ T6937] <TASK> [ 244.093253][ T6937] dump_stack_lvl+0x16c/0x1f0 [ 244.096258][ T6937] should_fail_ex+0x497/0x5b0 [ 244.098755][ T6937] _copy_to_user+0x30/0xc0 [ 244.101417][ T6937] simple_read_from_buffer+0xd0/0x160 [ 244.104562][ T6937] proc_fail_nth_read+0x19e/0x280 [ 244.107784][ T6937] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 244.110748][ T6937] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 244.115803][ T6937] vfs_read+0x1d4/0xbd0 [ 244.118259][ T6937] ? __fdget_pos+0xeb/0x180 [ 244.120585][ T6937] ? __pfx_vfs_read+0x10/0x10 [ 244.123410][ T6937] ? __pfx___mutex_lock+0x10/0x10 [ 244.126757][ T6937] ? __fget_files+0x256/0x400 [ 244.129554][ T6937] ksys_read+0x12f/0x260 [ 244.132088][ T6937] ? __pfx_ksys_read+0x10/0x10 [ 244.134922][ T6937] __do_fast_syscall_32+0x73/0x120 [ 244.138005][ T6937] do_fast_syscall_32+0x32/0x80 [ 244.140833][ T6937] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 244.144534][ T6937] RIP: 0023:0xf739e579 [ 244.146965][ T6937] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 244.157551][ T6937] RSP: 002b:00000000f56965a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 244.161732][ T6937] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5696620 [ 244.165761][ T6937] RDX: 000000000000000f RSI: 00000000f738fff4 RDI: 0000000000000000 [ 244.169144][ T6937] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 244.172615][ T6937] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 244.176541][ T6937] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 244.179898][ T6937] </TASK> [ 244.181380][ C3] vkms_vblank_simulate: vblank timer overrun [ 244.276121][ T6939] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available [ 244.984661][ T987] usb 6-1: USB disconnect, device number 4 [ 245.657238][ T6954] netlink: 48 bytes leftover after parsing attributes in process `syz.0.363'. [ 245.662076][ T6954] netlink: 24 bytes leftover after parsing attributes in process `syz.0.363'. [ 245.819643][ T6955] netlink: 8 bytes leftover after parsing attributes in process `syz.0.363'. [ 245.827811][ T6955] netlink: 8 bytes leftover after parsing attributes in process `syz.0.363'. [ 246.623365][ T6970] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available [ 247.158502][ T5397] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 247.348874][ T5397] usb 5-1: Using ep0 maxpacket: 32 [ 247.358901][ T5397] usb 5-1: config index 0 descriptor too short (expected 156, got 27) [ 247.383841][ T5397] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 247.394728][ T5397] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 247.400701][ T5397] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid wMaxPacketSize 0 [ 247.409173][ T5397] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 247.415042][ T5397] usb 5-1: config 0 interface 0 has no altsetting 0 [ 247.421727][ T5397] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 247.425551][ T5397] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 247.428801][ T5397] usb 5-1: Product: syz [ 247.430629][ T5397] usb 5-1: Manufacturer: syz [ 247.432627][ T5397] usb 5-1: SerialNumber: syz [ 247.437845][ T5397] usb 5-1: config 0 descriptor?? [ 247.451449][ T5397] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 247.458955][ T5397] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 247.753340][ T6977] ldusb 5-1:0.0: Couldn't submit interrupt_in_urb -90 [ 247.842316][ T9] usb 5-1: USB disconnect, device number 6 [ 247.847831][ T9] ldusb 5-1:0.0: LD USB Device #0 now disconnected [ 248.819569][ T6990] netlink: 48 bytes leftover after parsing attributes in process `syz.0.376'. [ 248.826170][ T6990] netlink: 24 bytes leftover after parsing attributes in process `syz.0.376'. [ 248.963132][ T6991] netlink: 8 bytes leftover after parsing attributes in process `syz.0.376'. [ 248.968878][ T6991] netlink: 8 bytes leftover after parsing attributes in process `syz.0.376'. [ 251.382528][ T6999] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available [ 251.484277][ T7001] bridge0: port 2(bridge_slave_1) entered disabled state [ 251.757596][ T7007] FAULT_INJECTION: forcing a failure. [ 251.757596][ T7007] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 251.776232][ T7007] CPU: 3 UID: 0 PID: 7007 Comm: syz.3.382 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0 [ 251.781114][ T7007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 251.785636][ T7007] Call Trace: [ 251.787156][ T7007] <TASK> [ 251.788487][ T7007] dump_stack_lvl+0x16c/0x1f0 [ 251.790609][ T7007] should_fail_ex+0x497/0x5b0 [ 251.792997][ T7007] _copy_to_user+0x30/0xc0 [ 251.795249][ T7007] simple_read_from_buffer+0xd0/0x160 [ 251.798057][ T7007] proc_fail_nth_read+0x19e/0x280 [ 251.800758][ T7007] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 251.803437][ T7007] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 251.805839][ T7007] vfs_read+0x1d4/0xbd0 [ 251.807497][ T7007] ? __fdget_pos+0xeb/0x180 [ 251.809383][ T7007] ? __pfx_vfs_read+0x10/0x10 [ 251.811343][ T7007] ? __pfx___mutex_lock+0x10/0x10 [ 251.813625][ T7007] ? __fget_files+0x256/0x400 [ 251.815801][ T7007] ksys_read+0x12f/0x260 [ 251.817566][ T7007] ? __pfx_ksys_read+0x10/0x10 [ 251.819471][ T7007] __do_fast_syscall_32+0x73/0x120 [ 251.821799][ T7007] do_fast_syscall_32+0x32/0x80 [ 251.823902][ T7007] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 251.826617][ T7007] RIP: 0023:0xf73de579 [ 251.828415][ T7007] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 251.837954][ T7007] RSP: 002b:00000000f56d65a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 251.841400][ T7007] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f56d6620 [ 251.844732][ T7007] RDX: 000000000000000f RSI: 00000000f73cfff4 RDI: 0000000000000000 [ 251.848242][ T7007] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 251.852141][ T7007] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 251.855432][ T7007] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 251.858716][ T7007] </TASK> [ 252.056704][ T7015] overlayfs: failed to resolve './file1': -2 [ 252.966051][ T7026] loop2: detected capacity change from 0 to 7 [ 252.993025][ T7026] Dev loop2: unable to read RDB block 7 [ 252.996166][ T7026] loop2: unable to read partition table [ 253.008561][ T7026] loop2: partition table beyond EOD, truncated [ 253.015932][ T7026] loop_reread_partitions: partition scan of loop2 (�被������� ) failed (rc=-5) [ 253.114957][ T4841] Dev loop2: unable to read RDB block 7 [ 253.117201][ T4841] loop2: unable to read partition table [ 253.120248][ T4841] loop2: partition table beyond EOD, truncated [ 253.246001][ T7030] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available [ 253.304421][ T4841] Dev loop2: unable to read RDB block 7 [ 253.307006][ T4841] loop2: unable to read partition table [ 253.309552][ T4841] loop2: partition table beyond EOD, truncated [ 253.865073][ T7035] netlink: 'syz.0.390': attribute type 1 has an invalid length. [ 254.117013][ T7040] netlink: 'syz.0.391': attribute type 1 has an invalid length. [ 254.195818][ T7042] FAULT_INJECTION: forcing a failure. [ 254.195818][ T7042] name failslab, interval 1, probability 0, space 0, times 0 [ 254.204067][ T7042] CPU: 3 UID: 0 PID: 7042 Comm: syz.0.391 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0 [ 254.208653][ T7042] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 254.213425][ T7042] Call Trace: [ 254.214979][ T7042] <TASK> [ 254.216297][ T7042] dump_stack_lvl+0x16c/0x1f0 [ 254.218358][ T7042] should_fail_ex+0x497/0x5b0 [ 254.220681][ T7042] ? fs_reclaim_acquire+0xae/0x160 [ 254.223320][ T7042] should_failslab+0xc2/0x120 [ 254.225458][ T7042] kmem_cache_alloc_node_noprof+0x71/0x310 [ 254.228074][ T7042] ? __alloc_skb+0x2b3/0x380 [ 254.230126][ T7042] __alloc_skb+0x2b3/0x380 [ 254.232318][ T7042] ? __pfx___alloc_skb+0x10/0x10 [ 254.234400][ T7042] ? __pfx___might_resched+0x10/0x10 [ 254.236508][ T7042] netlink_alloc_large_skb+0x69/0x130 [ 254.238739][ T7042] netlink_sendmsg+0x689/0xd70 [ 254.240893][ T7042] ? __pfx_netlink_sendmsg+0x10/0x10 [ 254.243228][ T7042] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 254.245557][ T7042] ____sys_sendmsg+0x9b4/0xb50 [ 254.247607][ T7042] ? __pfx_____sys_sendmsg+0x10/0x10 [ 254.249885][ T7042] ? get_compat_msghdr+0x11b/0x170 [ 254.252125][ T7042] ? __pfx___lock_acquire+0x10/0x10 [ 254.254444][ T7042] ___sys_sendmsg+0x135/0x1e0 [ 254.256533][ T7042] ? __pfx____sys_sendmsg+0x10/0x10 [ 254.258857][ T7042] ? ksys_write+0x21c/0x260 [ 254.260799][ T7042] ? __fget_light+0x173/0x210 [ 254.262896][ T7042] __sys_sendmsg+0x117/0x1f0 [ 254.265038][ T7042] ? __pfx___sys_sendmsg+0x10/0x10 [ 254.267361][ T7042] __do_fast_syscall_32+0x73/0x120 [ 254.269493][ T7042] do_fast_syscall_32+0x32/0x80 [ 254.271455][ T7042] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 254.273921][ T7042] RIP: 0023:0xf739e579 [ 254.275814][ T7042] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 254.284437][ T7042] RSP: 002b:00000000f567556c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 254.288095][ T7042] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000020000080 [ 254.291572][ T7042] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 254.295072][ T7042] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 254.298569][ T7042] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 254.302031][ T7042] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 254.305503][ T7042] </TASK> [ 254.315864][ T7040] netlink: 4 bytes leftover after parsing attributes in process `syz.0.391'. [ 254.849993][ T7049] mkiss: ax0: crc mode is auto. [ 258.640209][ T7062] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available [ 259.171947][ T7067] loop2: detected capacity change from 0 to 7 [ 259.175431][ T7067] Dev loop2: unable to read RDB block 7 [ 259.198412][ T7067] loop2: unable to read partition table [ 259.198712][ T7067] loop2: partition table beyond EOD, truncated [ 259.198729][ T7067] loop_reread_partitions: partition scan of loop2 (�被������� ) failed (rc=-5) [ 259.292209][ T7072] netlink: 'syz.1.400': attribute type 1 has an invalid length. [ 259.480800][ T7071] netlink: 4 bytes leftover after parsing attributes in process `syz.1.400'. [ 260.426346][ T5896] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 260.438574][ T5896] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 260.462888][ T5896] hid-generic 0000:0000:0000.000C: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz1 [ 260.470333][ T7079] FAULT_INJECTION: forcing a failure. [ 260.470333][ T7079] name failslab, interval 1, probability 0, space 0, times 0 [ 260.488375][ T7079] CPU: 2 UID: 0 PID: 7079 Comm: syz.3.402 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0 [ 260.493529][ T7079] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 260.498258][ T7079] Call Trace: [ 260.499902][ T7079] <TASK> [ 260.501228][ T7079] dump_stack_lvl+0x16c/0x1f0 [ 260.503390][ T7079] should_fail_ex+0x497/0x5b0 [ 260.505482][ T7079] ? fs_reclaim_acquire+0xae/0x160 [ 260.507841][ T7079] should_failslab+0xc2/0x120 [ 260.510034][ T7079] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 260.512416][ T7079] ? __kernfs_new_node+0xd3/0x890 [ 260.515165][ T7079] __kernfs_new_node+0xd3/0x890 [ 260.517308][ T7079] ? __pfx___kernfs_new_node+0x10/0x10 [ 260.519989][ T7079] ? pcpu_memcg_post_alloc_hook+0x1e/0x6a0 [ 260.523155][ T7079] ? pcpu_alloc_noprof+0x1f4/0x14e0 [ 260.526596][ T7079] ? cgroup_rstat_init+0x1a5/0x230 [ 260.529494][ T7079] kernfs_new_node+0x186/0x240 [ 260.531591][ T7079] kernfs_create_dir_ns+0x4c/0x150 [ 260.533881][ T7079] cgroup_mkdir+0x547/0x1140 [ 260.535710][ T7079] ? __pfx_cgroup_mkdir+0x10/0x10 [ 260.537627][ T7079] kernfs_iop_mkdir+0x14a/0x1d0 [ 260.539496][ T7079] vfs_mkdir+0x57d/0x860 [ 260.541127][ T7079] do_mkdirat+0x301/0x3a0 [ 260.542795][ T7079] ? __pfx_do_mkdirat+0x10/0x10 [ 260.544858][ T7079] ? getname_flags.part.0+0x1c5/0x550 [ 260.547197][ T7079] __ia32_sys_mkdirat+0x82/0xb0 [ 260.549329][ T7079] __do_fast_syscall_32+0x73/0x120 [ 260.551623][ T7079] do_fast_syscall_32+0x32/0x80 [ 260.553832][ T7079] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 260.556548][ T7079] RIP: 0023:0xf73de579 [ 260.558619][ T7079] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 260.567004][ T7079] RSP: 002b:00000000f56d656c EFLAGS: 00000296 ORIG_RAX: 0000000000000128 [ 260.570786][ T7079] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000020000080 [ 260.574455][ T7079] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000000 [ 260.577941][ T7079] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 260.581426][ T7079] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 260.584862][ T7079] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 260.588308][ T7079] </TASK> [ 260.950558][ T1377] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.953102][ T1377] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.038611][ T5896] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 261.219413][ T5896] usb 8-1: Using ep0 maxpacket: 32 [ 261.237764][ T5896] usb 8-1: config index 0 descriptor too short (expected 156, got 27) [ 261.246928][ T5896] usb 8-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 261.252527][ T5896] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 261.266602][ T5896] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid wMaxPacketSize 0 [ 261.273574][ T5896] usb 8-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 261.281536][ T5896] usb 8-1: config 0 interface 0 has no altsetting 0 [ 261.290575][ T5896] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 261.294889][ T5896] usb 8-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 261.307446][ T5896] usb 8-1: Product: syz [ 261.310490][ T5896] usb 8-1: Manufacturer: syz [ 261.312714][ T5896] usb 8-1: SerialNumber: syz [ 261.316961][ T5896] usb 8-1: config 0 descriptor?? [ 261.333832][ T5896] ldusb 8-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 261.347137][ T5896] ldusb 8-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 261.551202][ T7085] ldusb 8-1:0.0: Couldn't submit interrupt_in_urb -90 [ 261.571097][ T5896] usb 8-1: USB disconnect, device number 7 [ 261.581040][ T5896] ldusb 8-1:0.0: LD USB Device #0 now disconnected [ 262.267561][ T7093] overlayfs: failed to resolve './file1': -2 [ 262.895462][ C0] vkms_vblank_simulate: vblank timer overrun [ 263.006174][ T7097] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available [ 263.273603][ C0] vkms_vblank_simulate: vblank timer overrun [ 263.368120][ T7104] loop2: detected capacity change from 0 to 7 [ 263.372588][ T7104] Dev loop2: unable to read RDB block 7 [ 263.375459][ T7104] loop2: unable to read partition table [ 263.381731][ T7104] loop2: partition table beyond EOD, truncated [ 263.384603][ T7104] loop_reread_partitions: partition scan of loop2 (�被������� ) failed (rc=-5) [ 263.718393][ C0] vkms_vblank_simulate: vblank timer overrun [ 263.990472][ C0] vkms_vblank_simulate: vblank timer overrun [ 264.091286][ T7110] binder: transaction release 7 bad handle 1, ret = -22 [ 264.178828][ C0] vkms_vblank_simulate: vblank timer overrun [ 264.534879][ T7112] netlink: 'syz.0.413': attribute type 1 has an invalid length. [ 264.615586][ T7113] IPVS: lc: SCTP 172.20.20.187:0 - no destination available [ 264.670406][ T7114] netlink: 56 bytes leftover after parsing attributes in process `syz.0.413'. [ 264.908756][ T7121] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available [ 265.162281][ T7128] loop2: detected capacity change from 0 to 7 [ 265.178539][ T7128] Dev loop2: unable to read RDB block 7 [ 265.180956][ T7128] loop2: unable to read partition table [ 265.183537][ T7128] loop2: partition table beyond EOD, truncated [ 265.186091][ T7128] loop_reread_partitions: partition scan of loop2 (�被������� ) failed (rc=-5) [ 265.531910][ T39] audit: type=1326 audit(1725780190.204:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7130 comm="syz.2.420" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f76579 code=0x7ffc0000 [ 265.558417][ T39] audit: type=1326 audit(1725780190.204:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7130 comm="syz.2.420" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f76579 code=0x7ffc0000 [ 265.567506][ T39] audit: type=1326 audit(1725780190.204:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7130 comm="syz.2.420" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f76579 code=0x7ffc0000 [ 265.578410][ T39] audit: type=1326 audit(1725780190.204:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7130 comm="syz.2.420" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f76579 code=0x7ffc0000 [ 265.587599][ T39] audit: type=1326 audit(1725780190.204:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7130 comm="syz.2.420" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f76579 code=0x7ffc0000 [ 265.602101][ T39] audit: type=1326 audit(1725780190.204:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7130 comm="syz.2.420" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f76579 code=0x7ffc0000 [ 265.614449][ T39] audit: type=1326 audit(1725780190.204:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7130 comm="syz.2.420" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f76579 code=0x7ffc0000 [ 265.623841][ T39] audit: type=1326 audit(1725780190.204:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7130 comm="syz.2.420" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f76579 code=0x7ffc0000 [ 265.634342][ T39] audit: type=1326 audit(1725780190.204:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7130 comm="syz.2.420" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f76579 code=0x7ffc0000 [ 265.643375][ T39] audit: type=1326 audit(1725780190.204:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7130 comm="syz.2.420" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f76579 code=0x7ffc0000 [ 266.088065][ T4841] Dev loop2: unable to read RDB block 7 [ 266.091644][ T4841] loop2: unable to read partition table [ 266.095284][ T4841] loop2: partition table beyond EOD, truncated [ 266.550374][ C0] vkms_vblank_simulate: vblank timer overrun [ 266.608445][ C0] vkms_vblank_simulate: vblank timer overrun [ 266.799037][ C0] vkms_vblank_simulate: vblank timer overrun [ 266.857659][ C0] vkms_vblank_simulate: vblank timer overrun [ 266.959981][ C0] vkms_vblank_simulate: vblank timer overrun [ 267.036464][ C0] vkms_vblank_simulate: vblank timer overrun [ 267.158456][ C0] vkms_vblank_simulate: vblank timer overrun [ 267.348978][ C0] vkms_vblank_simulate: vblank timer overrun [ 267.390279][ C0] vkms_vblank_simulate: vblank timer overrun [ 267.574436][ C0] vkms_vblank_simulate: vblank timer overrun [ 267.848430][ C0] vkms_vblank_simulate: vblank timer overrun [ 267.979833][ C0] vkms_vblank_simulate: vblank timer overrun [ 268.126317][ C0] vkms_vblank_simulate: vblank timer overrun [ 268.150225][ T5366] Bluetooth: hci6: command 0x0406 tx timeout [ 268.264606][ T7146] overlayfs: failed to resolve './file1': -2 [ 268.374845][ C0] vkms_vblank_simulate: vblank timer overrun [ 268.495991][ C0] vkms_vblank_simulate: vblank timer overrun [ 268.788563][ C0] vkms_vblank_simulate: vblank timer overrun [ 268.878788][ C0] vkms_vblank_simulate: vblank timer overrun [ 269.212838][ C0] vkms_vblank_simulate: vblank timer overrun [ 269.268474][ C0] vkms_vblank_simulate: vblank timer overrun [ 269.386466][ C0] vkms_vblank_simulate: vblank timer overrun [ 269.609089][ C0] vkms_vblank_simulate: vblank timer overrun [ 269.724827][ C0] vkms_vblank_simulate: vblank timer overrun [ 269.808388][ C0] vkms_vblank_simulate: vblank timer overrun [ 269.903570][ C0] vkms_vblank_simulate: vblank timer overrun [ 270.175022][ C0] vkms_vblank_simulate: vblank timer overrun [ 270.355535][ T7153] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available [ 270.429706][ T7155] netlink: 36 bytes leftover after parsing attributes in process `syz.0.428'. [ 270.624263][ T7157] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition [ 270.628762][ T5366] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 270.631030][ T7157] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0) [ 270.634125][ T5366] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 270.637558][ T7158] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition [ 270.645941][ T7158] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0) [ 270.647873][ T5366] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 270.670125][ T5366] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 270.674217][ T5366] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 270.677535][ T5366] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 270.918466][ T7159] chnl_net:caif_netlink_parms(): no params data found [ 271.097011][ T7174] overlayfs: failed to resolve './file1': -2 [ 271.137415][ T7159] bridge0: port 1(bridge_slave_0) entered blocking state [ 271.142629][ T7159] bridge0: port 1(bridge_slave_0) entered disabled state [ 271.146015][ T7159] bridge_slave_0: entered allmulticast mode [ 271.151208][ T7159] bridge_slave_0: entered promiscuous mode [ 271.158235][ T7159] bridge0: port 2(bridge_slave_1) entered blocking state [ 271.161988][ T7159] bridge0: port 2(bridge_slave_1) entered disabled state [ 271.164875][ T7159] bridge_slave_1: entered allmulticast mode [ 271.169013][ T7159] bridge_slave_1: entered promiscuous mode [ 271.275171][ T7159] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 271.292595][ T7159] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 271.403364][ T7159] team0: Port device team_slave_0 added [ 271.410241][ T7159] team0: Port device team_slave_1 added [ 271.486696][ T7159] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 271.495085][ T7159] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 271.519159][ T7159] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 271.526356][ T7159] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 271.547216][ T7159] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 271.570691][ T7159] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 271.688894][ T7159] hsr_slave_0: entered promiscuous mode [ 271.695088][ T7159] hsr_slave_1: entered promiscuous mode [ 271.749993][ T7159] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 271.763727][ T7159] Cannot create hsr debugfs directory [ 272.141775][ T7159] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 272.242650][ T7159] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 272.403338][ T7159] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 272.601615][ T7159] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 272.708589][ T5357] Bluetooth: hci7: command tx timeout [ 272.813114][ T7159] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 272.821910][ T7159] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 272.837469][ T7159] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 272.856353][ T7159] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 272.979112][ T35] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 272.982698][ T35] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 272.988896][ T35] hid-generic 0000:0000:0000.000D: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz1 [ 273.042998][ T7159] 8021q: adding VLAN 0 to HW filter on device bond0 [ 273.078259][ T7159] 8021q: adding VLAN 0 to HW filter on device team0 [ 273.093970][ T84] bridge0: port 1(bridge_slave_0) entered blocking state [ 273.097303][ T84] bridge0: port 1(bridge_slave_0) entered forwarding state [ 273.112687][ T84] bridge0: port 2(bridge_slave_1) entered blocking state [ 273.116202][ T84] bridge0: port 2(bridge_slave_1) entered forwarding state [ 273.340270][ T7159] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 273.385951][ T7159] veth0_vlan: entered promiscuous mode [ 273.396953][ T7159] veth1_vlan: entered promiscuous mode [ 273.438612][ T7159] veth0_macvtap: entered promiscuous mode [ 273.445066][ T7159] veth1_macvtap: entered promiscuous mode [ 273.460394][ T7159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 273.465047][ T7159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 273.470125][ T7159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 273.474471][ T7159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 273.479555][ T7159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 273.484175][ T7159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 273.488688][ T7159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 273.493127][ T7159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 273.497129][ T7159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 273.503294][ T7159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 273.507413][ T7159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 273.512484][ T7159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 273.519650][ T7159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 273.524003][ T7159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 273.528072][ T7159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 273.532996][ T7159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 273.540594][ T7159] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 273.550707][ T7159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 273.554913][ T7159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 273.560405][ T7159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 273.564957][ T7159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 273.569217][ T7159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 273.573637][ T7159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 273.577881][ T7159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 273.583277][ T7159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 273.587500][ T7159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 273.592420][ T7159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 273.596606][ T7159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 273.601262][ T7159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 273.605010][ T7159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 273.609171][ T7159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 273.612406][ T7159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 273.617732][ T7159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 273.624232][ T7159] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 273.635512][ T7159] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 273.640055][ T7159] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 273.644302][ T7159] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 273.647971][ T7159] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 273.740772][ T1104] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 273.745090][ T1104] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 273.783078][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 273.787161][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 274.300200][ T8] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 274.304125][ T8] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 274.322379][ T8] hid-generic 0000:0000:0000.000E: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz1 [ 274.798635][ T5357] Bluetooth: hci7: command tx timeout [ 276.870338][ T5357] Bluetooth: hci7: command tx timeout [ 278.415565][ T7222] netlink: 48 bytes leftover after parsing attributes in process `syz.0.446'. [ 278.419427][ T7222] netlink: 24 bytes leftover after parsing attributes in process `syz.0.446'. [ 278.632718][ T7223] netlink: 8 bytes leftover after parsing attributes in process `syz.0.446'. [ 278.640124][ T7223] netlink: 8 bytes leftover after parsing attributes in process `syz.0.446'. [ 278.948526][ T5357] Bluetooth: hci7: command tx timeout [ 280.978171][ C3] vkms_vblank_simulate: vblank timer overrun [ 282.853528][ C3] vkms_vblank_simulate: vblank timer overrun [ 283.283229][ T5366] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 283.287948][ T5366] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 283.292130][ T5366] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 283.296999][ T5366] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 283.301236][ T5366] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 283.304771][ T5366] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 283.823700][ T7243] chnl_net:caif_netlink_parms(): no params data found [ 284.101356][ T7243] bridge0: port 1(bridge_slave_0) entered blocking state [ 284.107781][ T7243] bridge0: port 1(bridge_slave_0) entered disabled state [ 284.111363][ T7243] bridge_slave_0: entered allmulticast mode [ 284.120629][ T7243] bridge_slave_0: entered promiscuous mode [ 284.137422][ T7243] bridge0: port 2(bridge_slave_1) entered blocking state [ 284.148435][ T7243] bridge0: port 2(bridge_slave_1) entered disabled state [ 284.151933][ T7243] bridge_slave_1: entered allmulticast mode [ 284.156356][ T7243] bridge_slave_1: entered promiscuous mode [ 284.402174][ T7243] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 284.411741][ T7243] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 284.627407][ T7243] team0: Port device team_slave_0 added [ 284.635997][ T7243] team0: Port device team_slave_1 added [ 284.690200][ T5357] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 284.698264][ T5357] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 284.708863][ T5357] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 284.743220][ T5357] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 284.748110][ T5357] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 284.760028][ T5357] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 284.895960][ T7243] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 284.900352][ T7243] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 284.919191][ T7243] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 285.144625][ T7243] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 285.147693][ T7243] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 285.178357][ T7243] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 285.358571][ T5357] Bluetooth: hci8: command tx timeout [ 285.679500][ T7243] hsr_slave_0: entered promiscuous mode [ 285.703512][ T7243] hsr_slave_1: entered promiscuous mode [ 285.709032][ T7243] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 285.712408][ T7243] Cannot create hsr debugfs directory [ 286.234485][ T7259] chnl_net:caif_netlink_parms(): no params data found [ 286.624423][ T7243] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 286.849661][ T7243] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 286.881649][ T5357] Bluetooth: hci9: command tx timeout [ 287.450442][ T5357] Bluetooth: hci8: command tx timeout [ 288.391121][ T7243] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.588826][ T5366] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 288.605244][ T5366] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 288.613638][ T5366] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 288.614004][ T7259] bridge0: port 1(bridge_slave_0) entered blocking state [ 288.648979][ T5366] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 288.653593][ T5366] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3 [ 288.657807][ T5366] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 288.739536][ T7259] bridge0: port 1(bridge_slave_0) entered disabled state [ 288.742873][ T7259] bridge_slave_0: entered allmulticast mode [ 288.773296][ T7259] bridge_slave_0: entered promiscuous mode [ 288.805241][ T7243] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.828736][ T7259] bridge0: port 2(bridge_slave_1) entered blocking state [ 288.832221][ T7259] bridge0: port 2(bridge_slave_1) entered disabled state [ 288.835587][ T7259] bridge_slave_1: entered allmulticast mode [ 288.861272][ T7259] bridge_slave_1: entered promiscuous mode [ 288.955038][ T5366] Bluetooth: hci9: command tx timeout [ 289.101220][ T7259] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 289.124843][ T7259] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 289.322116][ T7259] team0: Port device team_slave_0 added [ 289.353553][ T7259] team0: Port device team_slave_1 added [ 289.497588][ T7243] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 289.511898][ T7243] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 289.518477][ T5366] Bluetooth: hci8: command tx timeout [ 289.577387][ T7259] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 289.588349][ T7259] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 289.609051][ T7259] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 289.658747][ T7243] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 289.676217][ T7243] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 289.709062][ T7259] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 289.713004][ T7259] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 289.759275][ T7259] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 289.965050][ T7259] hsr_slave_0: entered promiscuous mode [ 289.978243][ T7259] hsr_slave_1: entered promiscuous mode [ 289.990211][ T7259] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 289.993470][ T7259] Cannot create hsr debugfs directory [ 290.626469][ T7274] chnl_net:caif_netlink_parms(): no params data found [ 290.646048][ T7243] 8021q: adding VLAN 0 to HW filter on device bond0 [ 290.708766][ T5366] Bluetooth: hci12: command tx timeout [ 290.818968][ T7259] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 290.897781][ T7243] 8021q: adding VLAN 0 to HW filter on device team0 [ 290.929831][ T65] bridge0: port 1(bridge_slave_0) entered blocking state [ 290.942956][ T65] bridge0: port 1(bridge_slave_0) entered forwarding state [ 290.952762][ T65] bridge0: port 2(bridge_slave_1) entered blocking state [ 290.956302][ T65] bridge0: port 2(bridge_slave_1) entered forwarding state [ 291.014272][ T7259] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 291.028594][ T5366] Bluetooth: hci9: command tx timeout [ 291.247042][ T7259] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 291.346143][ T7274] bridge0: port 1(bridge_slave_0) entered blocking state [ 291.355654][ T7274] bridge0: port 1(bridge_slave_0) entered disabled state [ 291.361981][ T7274] bridge_slave_0: entered allmulticast mode [ 291.369850][ T7274] bridge_slave_0: entered promiscuous mode [ 291.425567][ T7259] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 291.529020][ T7274] bridge0: port 2(bridge_slave_1) entered blocking state [ 291.532279][ T7274] bridge0: port 2(bridge_slave_1) entered disabled state [ 291.546105][ T7274] bridge_slave_1: entered allmulticast mode [ 291.551486][ T7274] bridge_slave_1: entered promiscuous mode [ 291.588706][ T5366] Bluetooth: hci8: command tx timeout [ 291.754073][ T7274] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 291.777794][ T7274] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 291.984249][ T7274] team0: Port device team_slave_0 added [ 292.041958][ T7274] team0: Port device team_slave_1 added [ 292.271411][ T7274] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 292.275466][ T7274] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 292.328433][ T7274] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 292.335830][ T7274] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 292.350242][ T7274] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 292.389131][ T7274] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 292.407842][ T7259] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 292.489865][ T7259] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 292.615388][ T7243] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 292.630012][ T7259] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 292.690245][ T7274] hsr_slave_0: entered promiscuous mode [ 292.693816][ T7274] hsr_slave_1: entered promiscuous mode [ 292.697446][ T7274] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 292.702254][ T7274] Cannot create hsr debugfs directory [ 292.705698][ T7259] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 292.789209][ T5366] Bluetooth: hci12: command tx timeout [ 293.093376][ T7274] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 293.108525][ T5366] Bluetooth: hci9: command tx timeout [ 293.140026][ T7243] veth0_vlan: entered promiscuous mode [ 293.164868][ T7243] veth1_vlan: entered promiscuous mode [ 293.248084][ T7259] 8021q: adding VLAN 0 to HW filter on device bond0 [ 293.267562][ T7259] 8021q: adding VLAN 0 to HW filter on device team0 [ 293.315004][ T7259] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 293.319337][ T7259] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 293.448255][ T7274] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 293.483171][ T7243] veth0_macvtap: entered promiscuous mode [ 293.494211][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 293.497485][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 293.504597][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 293.507663][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 293.544459][ T7243] veth1_macvtap: entered promiscuous mode [ 293.580174][ T7274] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 293.608783][ T8] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 293.650684][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 293.655072][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 293.669893][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 293.674981][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 293.691979][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 293.708941][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 293.714123][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 293.730187][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 293.735672][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 293.758874][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 293.763599][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 293.778354][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 293.782630][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 293.787307][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 293.808400][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 293.812743][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 293.816736][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 293.828343][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 293.842078][ T7243] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 293.860395][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 293.864921][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 293.870013][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 293.874875][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 293.879424][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 293.884695][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 293.889552][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 293.899865][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 293.904009][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 293.910513][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 293.914721][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 293.920138][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 293.924586][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 293.929488][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 293.935066][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 293.939315][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 293.943867][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 293.949877][ T8] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 293.951896][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 293.961387][ T7243] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 293.969214][ T7243] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 293.973476][ T7243] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 293.978705][ T8] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 293.983450][ T8] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 293.989449][ T7243] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 293.989529][ T7243] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 294.010197][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 294.036588][ T7306] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 294.057143][ T8] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 294.061837][ T7274] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 294.338948][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 294.342681][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 294.391060][ T8] usb 5-1: USB disconnect, device number 7 [ 294.568044][ T7259] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 294.601509][ T1103] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 294.601612][ T7274] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 294.605010][ T1103] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 294.651969][ T7274] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 294.671349][ T7274] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 294.703091][ T7274] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 294.795296][ T7259] veth0_vlan: entered promiscuous mode [ 294.834311][ T7259] veth1_vlan: entered promiscuous mode [ 294.878952][ T5366] Bluetooth: hci12: command tx timeout [ 294.892388][ T7259] veth0_macvtap: entered promiscuous mode [ 294.907659][ T7259] veth1_macvtap: entered promiscuous mode [ 294.950952][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 294.955826][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 294.970062][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 294.974651][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 294.986746][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 294.991738][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 294.996103][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 295.009404][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 295.013948][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 295.038441][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 295.042436][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 295.046838][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 295.068579][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 295.072921][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 295.076781][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 295.088364][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 295.092266][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 295.096531][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 295.118427][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 295.123865][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 295.141266][ T7259] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 295.172859][ T7274] 8021q: adding VLAN 0 to HW filter on device bond0 [ 295.178147][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 295.191740][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 295.196027][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 295.212403][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 295.219725][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 295.228731][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 295.233310][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 295.240452][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 295.244683][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 295.251142][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 295.265958][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 295.273616][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 295.277416][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 295.282223][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 295.286239][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 295.290843][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 295.295034][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 295.308440][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 295.327498][ T7259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 295.339389][ T7259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 295.346705][ T7259] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 295.392882][ T7259] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 295.397769][ T7259] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 295.418403][ T7259] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 295.422301][ T7259] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 295.522793][ T7274] 8021q: adding VLAN 0 to HW filter on device team0 [ 295.592926][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 295.595976][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 295.681207][ T1103] bridge0: port 2(bridge_slave_1) entered blocking state [ 295.684834][ T1103] bridge0: port 2(bridge_slave_1) entered forwarding state [ 295.903936][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 295.913064][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 295.987376][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 295.998575][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 296.801435][ T7274] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 296.934125][ T7274] veth0_vlan: entered promiscuous mode [ 296.948936][ T5366] Bluetooth: hci12: command tx timeout [ 296.955027][ T7274] veth1_vlan: entered promiscuous mode [ 297.000938][ T7274] veth0_macvtap: entered promiscuous mode [ 297.007509][ T7274] veth1_macvtap: entered promiscuous mode [ 297.021596][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 297.026063][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.028891][ T5896] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 297.030504][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 297.038269][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.043045][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 297.047414][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.052120][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 297.056688][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.061142][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 297.066922][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.077923][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 297.083227][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.086954][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 297.091496][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.095853][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 297.100339][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.104513][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 297.111479][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.115965][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 297.120711][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.124962][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 297.129813][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.136197][ T7274] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 297.142022][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 297.147152][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.152163][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 297.160944][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.165978][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 297.172371][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.176788][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 297.181711][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.185856][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 297.194373][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.199261][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 297.203352][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.207205][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 297.208386][ T5896] usb 6-1: Using ep0 maxpacket: 32 [ 297.213011][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.219217][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 297.224904][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.231079][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 297.236778][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.236945][ T5896] usb 6-1: config index 0 descriptor too short (expected 156, got 27) [ 297.241915][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 297.245046][ T5896] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 297.251513][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.265951][ T7274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 297.275808][ T5896] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 297.276154][ T7274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.285931][ T5896] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid wMaxPacketSize 0 [ 297.289170][ T7274] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 297.296637][ T5896] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 297.312822][ T5896] usb 6-1: config 0 interface 0 has no altsetting 0 [ 297.321236][ T7274] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 297.323393][ T5896] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 297.324966][ T7274] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 297.324993][ T7274] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 297.349563][ T5896] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 297.353839][ T5896] usb 6-1: Product: syz [ 297.355607][ T5896] usb 6-1: Manufacturer: syz [ 297.357616][ T5896] usb 6-1: SerialNumber: syz [ 297.358545][ T7274] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 297.369303][ T5896] usb 6-1: config 0 descriptor?? [ 297.376656][ T5896] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 297.384642][ T5896] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 297.477106][ T7330] overlayfs: failed to resolve './file1': -2 [ 297.601295][ T65] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 297.605540][ T65] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 297.624189][ T7324] ldusb 6-1:0.0: Couldn't submit interrupt_in_urb -90 [ 297.683712][ T5896] usb 6-1: USB disconnect, device number 5 [ 297.700940][ T1154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 297.701387][ T5896] ldusb 6-1:0.0: LD USB Device #0 now disconnected [ 297.718670][ T1154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 303.754098][ T5366] Bluetooth: hci9: command 0x0406 tx timeout [ 304.718419][ T35] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 304.908386][ T35] usb 8-1: Using ep0 maxpacket: 8 [ 304.924082][ T35] usb 8-1: config 0 has no interfaces? [ 304.949245][ T35] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 304.956387][ T35] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 304.978433][ T35] usb 8-1: Product: syz [ 304.980124][ T35] usb 8-1: Manufacturer: syz [ 304.982440][ T35] usb 8-1: SerialNumber: syz [ 304.999406][ T35] usb 8-1: config 0 descriptor?? [ 305.327747][ T7378] FAULT_INJECTION: forcing a failure. [ 305.327747][ T7378] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 305.398361][ T7378] CPU: 2 UID: 0 PID: 7378 Comm: syz.3.474 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0 [ 305.403023][ T7378] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 305.407193][ T7378] Call Trace: [ 305.408882][ T7378] <TASK> [ 305.410503][ T7378] dump_stack_lvl+0x16c/0x1f0 [ 305.412526][ T7378] should_fail_ex+0x497/0x5b0 [ 305.414504][ T7378] ? fs_reclaim_acquire+0xae/0x160 [ 305.416957][ T7378] should_fail_alloc_page+0xe7/0x130 [ 305.419574][ T7378] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 305.422650][ T7378] __alloc_pages_noprof+0x194/0x2460 [ 305.424870][ T7378] ? copy_splice_read+0x1a8/0xb80 [ 305.427257][ T7378] ? stack_trace_save+0x95/0xd0 [ 305.429310][ T7378] ? __pfx_stack_trace_save+0x10/0x10 [ 305.431849][ T7378] ? stack_depot_save_flags+0x28/0x900 [ 305.434645][ T7378] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 305.437068][ T7378] ? copy_splice_read+0x1a8/0xb80 [ 305.439241][ T7378] ? kasan_save_stack+0x33/0x60 [ 305.441313][ T7378] ? kasan_save_track+0x14/0x30 [ 305.443403][ T7378] ? __kasan_kmalloc+0xaa/0xb0 [ 305.445405][ T7378] ? __kmalloc_noprof+0x1e8/0x410 [ 305.447519][ T7378] ? copy_splice_read+0x1a8/0xb80 [ 305.449650][ T7378] ? do_splice_read+0x294/0x380 [ 305.451699][ T7378] ? splice_direct_to_actor+0x2a4/0xa40 [ 305.454020][ T7378] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 305.456716][ T7378] alloc_pages_bulk_noprof+0x742/0x14f0 [ 305.459049][ T7378] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 305.461549][ T7378] ? trace_kmalloc+0x2d/0xe0 [ 305.463673][ T7378] ? __kmalloc_noprof+0x207/0x410 [ 305.466021][ T7378] copy_splice_read+0x1e3/0xb80 [ 305.468085][ T7378] ? look_up_lock_class+0x68/0x140 [ 305.470252][ T7378] ? __pfx_copy_splice_read+0x10/0x10 [ 305.472488][ T7378] ? __pfx_register_lock_class+0x10/0x10 [ 305.474883][ T7378] ? __pfx_copy_splice_read+0x10/0x10 [ 305.477151][ T7378] do_splice_read+0x294/0x380 [ 305.479133][ T7378] splice_direct_to_actor+0x2a4/0xa40 [ 305.481367][ T7378] ? __pfx_direct_splice_actor+0x10/0x10 [ 305.483753][ T7378] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 305.486240][ T7378] ? __fget_files+0x24c/0x400 [ 305.488474][ T7378] ? __pfx_lock_release+0x10/0x10 [ 305.490598][ T7378] do_splice_direct+0x17e/0x250 [ 305.492646][ T7378] ? __pfx_do_splice_direct+0x10/0x10 [ 305.494925][ T7378] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 305.498586][ T7378] do_sendfile+0xb1e/0xe50 [ 305.500508][ T7378] ? __pfx_do_sendfile+0x10/0x10 [ 305.502618][ T7378] __ia32_compat_sys_sendfile+0x1e7/0x230 [ 305.505007][ T7378] ? ksys_write+0x1ab/0x260 [ 305.506918][ T7378] ? __pfx___ia32_compat_sys_sendfile+0x10/0x10 [ 305.509518][ T7378] __do_fast_syscall_32+0x73/0x120 [ 305.511673][ T7378] do_fast_syscall_32+0x32/0x80 [ 305.513693][ T7378] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 305.516312][ T7378] RIP: 0023:0xf740e579 [ 305.518031][ T7378] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 305.525445][ T7378] RSP: 002b:00000000f56e556c EFLAGS: 00000296 ORIG_RAX: 00000000000000bb [ 305.528937][ T7378] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000000000009 [ 305.531839][ T7378] RDX: 0000000000000000 RSI: 0000000000007fff RDI: 0000000000000000 [ 305.534769][ T7378] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 305.537976][ T7378] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 305.541254][ T7378] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 305.544240][ T7378] </TASK> [ 305.688414][ T57] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 305.726621][ T833] usb 8-1: USB disconnect, device number 8 [ 305.868427][ T57] usb 7-1: Using ep0 maxpacket: 8 [ 305.885648][ T57] usb 7-1: config 0 has no interfaces? [ 305.928528][ T57] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 305.932629][ T57] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 305.936000][ T57] usb 7-1: Product: syz [ 305.937931][ T57] usb 7-1: Manufacturer: syz [ 305.941515][ T57] usb 7-1: SerialNumber: syz [ 305.952213][ T57] usb 7-1: config 0 descriptor?? [ 306.509116][ T8] usb 7-1: USB disconnect, device number 4 [ 307.567273][ T7412] overlayfs: failed to resolve './file1': -2 [ 308.437943][ T13] bridge_slave_1: left allmulticast mode [ 308.440278][ T13] bridge_slave_1: left promiscuous mode [ 308.442528][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 308.480330][ T13] bridge_slave_0: left allmulticast mode [ 308.483031][ T13] bridge_slave_0: left promiscuous mode [ 308.485734][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 309.512738][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 309.550391][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 309.557210][ T13] bond0 (unregistering): Released all slaves [ 309.702160][ T7441] netlink: 28 bytes leftover after parsing attributes in process `syz.2.493'. [ 309.706341][ T7441] FAULT_INJECTION: forcing a failure. [ 309.706341][ T7441] name failslab, interval 1, probability 0, space 0, times 0 [ 309.714731][ T7441] CPU: 3 UID: 0 PID: 7441 Comm: syz.2.493 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0 [ 309.719616][ T7441] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 309.724641][ T7441] Call Trace: [ 309.726441][ T7441] <TASK> [ 309.727847][ T7441] dump_stack_lvl+0x16c/0x1f0 [ 309.730458][ T7441] should_fail_ex+0x497/0x5b0 [ 309.733333][ T7441] should_failslab+0xc2/0x120 [ 309.735720][ T7441] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 309.738522][ T7441] ? skb_clone+0x190/0x3f0 [ 309.741080][ T7441] skb_clone+0x190/0x3f0 [ 309.743178][ T7441] netlink_deliver_tap+0xb26/0xcf0 [ 309.745875][ T7441] netlink_unicast+0x6b4/0x7f0 [ 309.748528][ T7441] ? __pfx_netlink_unicast+0x10/0x10 [ 309.751759][ T7441] ? rtnetlink_rcv_msg+0x3e6/0xea0 [ 309.754902][ T7441] netlink_ack+0x6a5/0xb20 [ 309.757399][ T7441] netlink_rcv_skb+0x327/0x410 [ 309.760125][ T7441] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 309.763046][ T7441] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 309.765723][ T7441] ? netlink_deliver_tap+0x1ae/0xcf0 [ 309.768566][ T7441] netlink_unicast+0x53c/0x7f0 [ 309.771066][ T7441] ? __pfx_netlink_unicast+0x10/0x10 [ 309.773905][ T7441] ? __phys_addr_symbol+0x30/0x80 [ 309.777037][ T7441] ? __check_object_size+0x497/0x720 [ 309.780316][ T7441] netlink_sendmsg+0x8b8/0xd70 [ 309.783297][ T7441] ? __pfx_netlink_sendmsg+0x10/0x10 [ 309.786556][ T7441] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 309.789788][ T7441] ____sys_sendmsg+0x9b4/0xb50 [ 309.792734][ T7441] ? __pfx_____sys_sendmsg+0x10/0x10 [ 309.796007][ T7441] ? get_compat_msghdr+0x11b/0x170 [ 309.799051][ T7441] ? __pfx___lock_acquire+0x10/0x10 [ 309.802117][ T7441] ___sys_sendmsg+0x135/0x1e0 [ 309.804986][ T7441] ? __pfx____sys_sendmsg+0x10/0x10 [ 309.808193][ T7441] ? ksys_write+0x21c/0x260 [ 309.810890][ T7441] ? __fget_light+0x173/0x210 [ 309.813612][ T7441] __sys_sendmsg+0x117/0x1f0 [ 309.816247][ T7441] ? __pfx___sys_sendmsg+0x10/0x10 [ 309.818524][ T7441] __do_fast_syscall_32+0x73/0x120 [ 309.820707][ T7441] do_fast_syscall_32+0x32/0x80 [ 309.822842][ T7441] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 309.826079][ T7441] RIP: 0023:0xf7fc8579 [ 309.827925][ T7441] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 309.837497][ T7441] RSP: 002b:00000000f575656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 309.841222][ T7441] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000240 [ 309.845006][ T7441] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 309.849207][ T7441] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 309.852472][ T7441] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 309.857289][ T7441] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 309.861574][ T7441] </TASK> [ 310.123156][ T7450] netlink: 24 bytes leftover after parsing attributes in process `syz.3.496'. [ 310.407217][ T13] hsr_slave_0: left promiscuous mode [ 310.423199][ T13] hsr_slave_1: left promiscuous mode [ 310.445003][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 310.459061][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 310.476364][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 310.484077][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 310.637759][ T13] veth1_macvtap: left promiscuous mode [ 310.640563][ T13] veth0_macvtap: left promiscuous mode [ 310.643296][ T13] veth1_vlan: left promiscuous mode [ 310.646774][ T13] veth0_vlan: left promiscuous mode [ 312.121867][ C1] vkms_vblank_simulate: vblank timer overrun [ 312.311019][ T8] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 312.518433][ T8] usb 5-1: Using ep0 maxpacket: 16 [ 312.523499][ T8] usb 5-1: config 0 has no interfaces? [ 312.526223][ T8] usb 5-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00 [ 312.536020][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 312.549659][ T8] usb 5-1: config 0 descriptor?? [ 313.000320][ T7471] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 313.006420][ T7471] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 313.392262][ T13] team0 (unregistering): Port device team_slave_1 removed [ 313.578238][ T13] team0 (unregistering): Port device team_slave_0 removed [ 314.700208][ T5505] usb 5-1: USB disconnect, device number 8 [ 315.643899][ T13] IPVS: stop unused estimator thread 0... [ 316.024462][ T7501] netlink: 392 bytes leftover after parsing attributes in process `syz.2.507'. [ 316.998422][ T5896] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 317.198377][ T5896] usb 5-1: Using ep0 maxpacket: 16 [ 317.212402][ T5896] usb 5-1: config 0 has no interfaces? [ 317.215464][ T5896] usb 5-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00 [ 317.237851][ T5896] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 317.255754][ T5896] usb 5-1: config 0 descriptor?? [ 317.720152][ T7514] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 317.729255][ T7514] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 318.159168][ T5505] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 318.350202][ T5505] usb 8-1: Using ep0 maxpacket: 32 [ 318.356006][ T5505] usb 8-1: config index 0 descriptor too short (expected 156, got 27) [ 318.362798][ T5505] usb 8-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 318.373104][ T5505] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 318.382622][ T5505] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid wMaxPacketSize 0 [ 318.388848][ T5505] usb 8-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 318.401816][ T5505] usb 8-1: config 0 interface 0 has no altsetting 0 [ 318.408078][ T5505] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 318.413872][ T5505] usb 8-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 318.422608][ T5505] usb 8-1: Product: syz [ 318.425763][ T5505] usb 8-1: Manufacturer: syz [ 318.429077][ T5505] usb 8-1: SerialNumber: syz [ 318.441586][ T5505] usb 8-1: config 0 descriptor?? [ 318.449981][ T5505] ldusb 8-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 318.455878][ T5505] ldusb 8-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 318.498490][ T7548] netlink: 48 bytes leftover after parsing attributes in process `syz.2.520'. [ 318.515053][ T7548] netlink: 24 bytes leftover after parsing attributes in process `syz.2.520'. [ 318.594611][ T7548] netlink: 8 bytes leftover after parsing attributes in process `syz.2.520'. [ 318.612050][ T7548] netlink: 8 bytes leftover after parsing attributes in process `syz.2.520'. [ 318.860817][ T7535] ldusb 8-1:0.0: Couldn't submit interrupt_in_urb -90 [ 318.993325][ T5896] usb 8-1: USB disconnect, device number 9 [ 318.997710][ T5896] ldusb 8-1:0.0: LD USB Device #0 now disconnected [ 319.289567][ T5397] usb 5-1: USB disconnect, device number 9 [ 319.623652][ T7553] overlayfs: failed to resolve './file1': -2 [ 319.988900][ T5357] Bluetooth: hci12: Controller not accepting commands anymore: ncmd = 0 [ 319.992980][ T5357] Bluetooth: hci12: Injecting HCI hardware error event [ 319.997374][ T5366] Bluetooth: hci12: hardware error 0x00 [ 321.103336][ T7583] netlink: 48 bytes leftover after parsing attributes in process `syz.2.531'. [ 321.117743][ T7583] netlink: 24 bytes leftover after parsing attributes in process `syz.2.531'. [ 321.245516][ T7581] can0: slcan on ttyprintk. [ 321.314855][ T7583] netlink: 8 bytes leftover after parsing attributes in process `syz.2.531'. [ 321.338545][ T7583] netlink: 8 bytes leftover after parsing attributes in process `syz.2.531'. [ 321.598473][ T5896] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 321.638593][ T57] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 321.798586][ T5896] usb 8-1: Using ep0 maxpacket: 8 [ 321.802921][ T5896] usb 8-1: config 0 has no interfaces? [ 321.805515][ T5896] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 321.814728][ T5896] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 321.828853][ T57] usb 6-1: Using ep0 maxpacket: 16 [ 321.840079][ T57] usb 6-1: config 0 has no interfaces? [ 321.842403][ T57] usb 6-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00 [ 321.846154][ T57] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 321.851449][ T5896] usb 8-1: config 0 descriptor?? [ 321.902454][ T57] usb 6-1: config 0 descriptor?? [ 322.078775][ T5366] Bluetooth: hci12: Opcode 0x0c03 failed: -110 [ 322.103594][ T5896] usb 8-1: string descriptor 0 read error: -71 [ 322.119270][ T5896] usb 8-1: USB disconnect, device number 10 [ 322.403324][ T1377] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.404813][ T7585] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 322.406995][ T1377] ieee802154 phy1 wpan1: encryption failed: -22 [ 322.449796][ T7601] netlink: 24 bytes leftover after parsing attributes in process `syz.2.533'. [ 322.519609][ T7585] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 322.567132][ T7580] can0 (unregistered): slcan off ttyprintk. [ 323.572119][ T7634] overlayfs: failed to resolve './file1': -2 [ 324.026399][ T833] usb 6-1: USB disconnect, device number 6 [ 324.193437][ T7644] netlink: 48 bytes leftover after parsing attributes in process `syz.0.541'. [ 324.198000][ T7644] netlink: 24 bytes leftover after parsing attributes in process `syz.0.541'. [ 324.434814][ T7647] netlink: 8 bytes leftover after parsing attributes in process `syz.0.541'. [ 324.438908][ T7647] netlink: 8 bytes leftover after parsing attributes in process `syz.0.541'. [ 325.108673][ T5357] Bluetooth: hci8: command 0x0406 tx timeout [ 327.859305][ T7675] netlink: 48 bytes leftover after parsing attributes in process `syz.0.551'. [ 327.863156][ T7675] netlink: 24 bytes leftover after parsing attributes in process `syz.0.551'. [ 328.047145][ T7678] netlink: 8 bytes leftover after parsing attributes in process `syz.0.551'. [ 328.051164][ T7678] netlink: 8 bytes leftover after parsing attributes in process `syz.0.551'. [ 328.265068][ T5505] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 328.279723][ T5505] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 328.299393][ T5505] hid-generic 0000:0000:0000.000F: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz1 [ 328.865864][ T7689] input: syz0 as /devices/virtual/input/input8 [ 329.599623][ T833] IPVS: starting estimator thread 0... [ 329.702772][ T7697] IPVS: using max 20 ests per chain, 48000 per kthread [ 331.902412][ T7720] netlink: 48 bytes leftover after parsing attributes in process `syz.1.564'. [ 331.906180][ T7720] netlink: 24 bytes leftover after parsing attributes in process `syz.1.564'. [ 332.329975][ T7720] netlink: 8 bytes leftover after parsing attributes in process `syz.1.564'. [ 332.333914][ T7720] netlink: 8 bytes leftover after parsing attributes in process `syz.1.564'. [ 333.073331][ T7733] overlayfs: failed to resolve './file0': -2 [ 333.100109][ T7734] overlayfs: failed to resolve './file1': -2 [ 335.217932][ T7757] dccp_xmit_packet: Payload too large (65475) for featneg. [ 335.230050][ T7763] hugetlbfs: Bad value 'A' for mount option 'nr_inodes' [ 335.230050][ T7763] [ 335.290367][ T35] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 335.358208][ T5397] IPVS: starting estimator thread 0... [ 335.398757][ T7767] veth0_vlan: left promiscuous mode [ 335.404906][ T7767] veth0_vlan: entered promiscuous mode [ 335.468536][ T7766] IPVS: using max 22 ests per chain, 52800 per kthread [ 335.509089][ T35] usb 6-1: Using ep0 maxpacket: 32 [ 335.513114][ T35] usb 6-1: config index 0 descriptor too short (expected 156, got 27) [ 335.516468][ T35] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 335.538263][ T35] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 335.543543][ T35] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid wMaxPacketSize 0 [ 335.547940][ T35] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 335.578792][ T35] usb 6-1: config 0 interface 0 has no altsetting 0 [ 335.594107][ T35] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 335.598231][ T35] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 335.613724][ T35] usb 6-1: Product: syz [ 335.615535][ T35] usb 6-1: Manufacturer: syz [ 335.617402][ T35] usb 6-1: SerialNumber: syz [ 335.631440][ T35] usb 6-1: config 0 descriptor?? [ 335.636808][ T35] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 335.652615][ T35] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 335.863572][ T7758] ldusb 6-1:0.0: Couldn't submit interrupt_in_urb -90 [ 335.892299][ T35] usb 6-1: USB disconnect, device number 7 [ 335.899123][ T35] ldusb 6-1:0.0: LD USB Device #0 now disconnected [ 337.690957][ T7798] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 338.359196][ T5505] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 338.551245][ T5505] usb 6-1: Using ep0 maxpacket: 32 [ 338.556673][ T5505] usb 6-1: config index 0 descriptor too short (expected 156, got 27) [ 338.568354][ T5505] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 338.572518][ T5505] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 338.576690][ T5505] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid wMaxPacketSize 0 [ 338.588780][ T5505] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 338.594240][ T5505] usb 6-1: config 0 interface 0 has no altsetting 0 [ 338.614773][ T5505] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 338.638450][ T5505] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 338.643064][ T5505] usb 6-1: Product: syz [ 338.645075][ T5505] usb 6-1: Manufacturer: syz [ 338.647150][ T5505] usb 6-1: SerialNumber: syz [ 338.662483][ T5505] usb 6-1: config 0 descriptor?? [ 338.669216][ T5505] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 338.678649][ T5505] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 338.798482][ T5896] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 338.871030][ T7803] ldusb 6-1:0.0: Couldn't submit interrupt_in_urb -90 [ 338.896613][ T35] usb 6-1: USB disconnect, device number 8 [ 338.905648][ T35] ldusb 6-1:0.0: LD USB Device #0 now disconnected [ 338.978832][ T5896] usb 7-1: Using ep0 maxpacket: 16 [ 338.993836][ T5896] usb 7-1: config 0 has no interfaces? [ 338.996529][ T5896] usb 7-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00 [ 339.008672][ T5896] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 339.015074][ T5896] usb 7-1: config 0 descriptor?? [ 339.463960][ T7809] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 339.471406][ T7809] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 339.691035][ T7823] program syz.1.596 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 340.602937][ T7841] overlayfs: failed to resolve './file1': -2 [ 341.322040][ T5505] usb 7-1: USB disconnect, device number 5 [ 341.727485][ T7850] netlink: 4 bytes leftover after parsing attributes in process `syz.3.604'. [ 342.180789][ T7861] FAULT_INJECTION: forcing a failure. [ 342.180789][ T7861] name failslab, interval 1, probability 0, space 0, times 0 [ 342.186112][ T7861] CPU: 3 UID: 0 PID: 7861 Comm: syz.3.608 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0 [ 342.190599][ T7861] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 342.195114][ T7861] Call Trace: [ 342.196548][ T7861] <TASK> [ 342.197803][ T7861] dump_stack_lvl+0x16c/0x1f0 [ 342.199565][ T7861] should_fail_ex+0x497/0x5b0 [ 342.201624][ T7861] ? fs_reclaim_acquire+0xae/0x160 [ 342.203835][ T7861] should_failslab+0xc2/0x120 [ 342.205883][ T7861] __kmalloc_noprof+0xcb/0x410 [ 342.209483][ T7861] ? __pfx_lock_acquire+0x10/0x10 [ 342.211597][ T7861] tomoyo_realpath_from_path+0xbf/0x710 [ 342.213881][ T7861] ? tomoyo_profile+0x47/0x60 [ 342.215874][ T7861] tomoyo_path_number_perm+0x245/0x5b0 [ 342.218243][ T7861] ? tomoyo_path_number_perm+0x232/0x5b0 [ 342.220664][ T7861] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 342.223268][ T7861] ? __pfx_lock_release+0x10/0x10 [ 342.225501][ T7861] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 342.228090][ T7861] ? __fget_files+0x256/0x400 [ 342.230143][ T7861] security_file_ioctl_compat+0x75/0xc0 [ 342.232539][ T7861] __do_compat_sys_ioctl+0x5d/0x330 [ 342.234823][ T7861] __do_fast_syscall_32+0x73/0x120 [ 342.237029][ T7861] do_fast_syscall_32+0x32/0x80 [ 342.239155][ T7861] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 342.241865][ T7861] RIP: 0023:0xf740e579 [ 342.243646][ T7861] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 342.251864][ T7861] RSP: 002b:00000000f56e556c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 342.256192][ T7861] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000000005414 [ 342.259714][ T7861] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 342.263110][ T7861] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 342.266536][ T7861] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 342.270052][ T7861] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 342.273484][ T7861] </TASK> [ 342.284348][ T7861] ERROR: Out of memory at tomoyo_realpath_from_path. [ 343.771021][ T7878] netlink: 4 bytes leftover after parsing attributes in process `syz.2.614'. [ 344.328006][ T7880] FAULT_INJECTION: forcing a failure. [ 344.328006][ T7880] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 344.348727][ T7880] CPU: 3 UID: 0 PID: 7880 Comm: syz.0.615 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0 [ 344.353305][ T7880] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 344.357598][ T7880] Call Trace: [ 344.358959][ T7880] <TASK> [ 344.360206][ T7880] dump_stack_lvl+0x16c/0x1f0 [ 344.362158][ T7880] should_fail_ex+0x497/0x5b0 [ 344.364171][ T7880] _copy_to_user+0x30/0xc0 [ 344.366039][ T7880] simple_read_from_buffer+0xd0/0x160 [ 344.368344][ T7880] proc_fail_nth_read+0x19e/0x280 [ 344.371134][ T7880] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 344.373927][ T7880] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 344.376739][ T7880] vfs_read+0x1d4/0xbd0 [ 344.379002][ T7880] ? __fdget_pos+0xeb/0x180 [ 344.381183][ T7880] ? __pfx_vfs_read+0x10/0x10 [ 344.383675][ T7880] ? __pfx___mutex_lock+0x10/0x10 [ 344.386014][ T7880] ? __fget_files+0x256/0x400 [ 344.388058][ T7880] ksys_read+0x12f/0x260 [ 344.389920][ T7880] ? __pfx_ksys_read+0x10/0x10 [ 344.391920][ T7880] __do_fast_syscall_32+0x73/0x120 [ 344.394194][ T7880] do_fast_syscall_32+0x32/0x80 [ 344.396356][ T7880] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 344.399466][ T7880] RIP: 0023:0xf739e579 [ 344.401285][ T7880] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 344.409755][ T7880] RSP: 002b:00000000f56965a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 344.413519][ T7880] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5696620 [ 344.416963][ T7880] RDX: 000000000000000f RSI: 00000000f738fff4 RDI: 0000000000000000 [ 344.420728][ T7880] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 344.424255][ T7880] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 344.427957][ T7880] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 344.431434][ T7880] </TASK> [ 344.452804][ T39] kauditd_printk_skb: 7 callbacks suppressed [ 344.452817][ T39] audit: type=1326 audit(1725780269.114:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7881 comm="syz.3.616" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 344.504051][ T39] audit: type=1326 audit(1725780269.114:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7881 comm="syz.3.616" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 344.538396][ T39] audit: type=1326 audit(1725780269.124:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7881 comm="syz.3.616" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 344.559009][ T39] audit: type=1326 audit(1725780269.124:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7881 comm="syz.3.616" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 344.605205][ T39] audit: type=1326 audit(1725780269.124:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7881 comm="syz.3.616" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 344.671329][ T39] audit: type=1326 audit(1725780269.124:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7881 comm="syz.3.616" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 344.709043][ T39] audit: type=1326 audit(1725780269.124:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7881 comm="syz.3.616" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 344.717032][ T39] audit: type=1326 audit(1725780269.134:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7881 comm="syz.3.616" exe="/syz-executor" sig=0 arch=40000003 syscall=333 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 344.736361][ T39] audit: type=1326 audit(1725780269.134:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7881 comm="syz.3.616" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 344.744400][ T39] audit: type=1326 audit(1725780269.134:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7881 comm="syz.3.616" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 346.101841][ T7907] FAULT_INJECTION: forcing a failure. [ 346.101841][ T7907] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 346.109288][ T7907] CPU: 1 UID: 0 PID: 7907 Comm: syz.0.621 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0 [ 346.114943][ T7907] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 346.121769][ T7907] Call Trace: [ 346.123167][ T7907] <TASK> [ 346.124424][ T7907] dump_stack_lvl+0x16c/0x1f0 [ 346.126433][ T7907] should_fail_ex+0x497/0x5b0 [ 346.128392][ T7907] _copy_from_user+0x30/0xf0 [ 346.130334][ T7907] get_compat_msghdr+0xa8/0x170 [ 346.132506][ T7907] ? __pfx_get_compat_msghdr+0x10/0x10 [ 346.134819][ T7907] ? find_held_lock+0x2d/0x110 [ 346.136815][ T7907] ___sys_recvmsg+0x193/0x1a0 [ 346.152275][ T7907] ? __pfx____sys_recvmsg+0x10/0x10 [ 346.154458][ T7907] ? __fget_light+0x173/0x210 [ 346.156519][ T7907] __sys_recvmsg+0x114/0x1e0 [ 346.165758][ T7907] ? __pfx___sys_recvmsg+0x10/0x10 [ 346.167939][ T7907] __do_fast_syscall_32+0x73/0x120 [ 346.170127][ T7907] do_fast_syscall_32+0x32/0x80 [ 346.172188][ T7907] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 346.175013][ T7907] RIP: 0023:0xf739e579 [ 346.176796][ T7907] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 346.184878][ T7907] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 0000000000000174 [ 346.188347][ T7907] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000180 [ 346.191732][ T7907] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 346.194861][ T7907] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 346.197772][ T7907] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 346.200992][ T7907] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 346.204324][ T7907] </TASK> [ 346.700689][ T7920] FAULT_INJECTION: forcing a failure. [ 346.700689][ T7920] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 346.766540][ T7920] CPU: 3 UID: 0 PID: 7920 Comm: syz.0.626 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0 [ 346.771787][ T7920] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 346.776708][ T7920] Call Trace: [ 346.778359][ T7920] <TASK> [ 346.779720][ T7920] dump_stack_lvl+0x16c/0x1f0 [ 346.781813][ T7920] should_fail_ex+0x497/0x5b0 [ 346.784004][ T7920] _copy_from_user+0x30/0xf0 [ 346.786060][ T7920] move_addr_to_kernel+0x68/0x160 [ 346.788329][ T7920] __sys_sendto+0x169/0x4e0 [ 346.790370][ T7920] ? __pfx___sys_sendto+0x10/0x10 [ 346.792634][ T7920] ? ksys_write+0x1ab/0x260 [ 346.794696][ T7920] ? __pfx_ksys_write+0x10/0x10 [ 346.796849][ T7920] __ia32_sys_sendto+0xdd/0x1b0 [ 346.798998][ T7920] ? lockdep_hardirqs_on+0x7c/0x110 [ 346.801271][ T7920] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 346.804141][ T7920] __do_fast_syscall_32+0x73/0x120 [ 346.806296][ T7920] do_fast_syscall_32+0x32/0x80 [ 346.808404][ T7920] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 346.810848][ T7920] RIP: 0023:0xf739e579 [ 346.812436][ T7920] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 346.820180][ T7920] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 0000000000000171 [ 346.823807][ T7920] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000 [ 346.827285][ T7920] RDX: 0000000000000000 RSI: 0000000000008812 RDI: 0000000020000180 [ 346.830961][ T7920] RBP: 0000000000000020 R08: 0000000000000000 R09: 0000000000000000 [ 346.834314][ T7920] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 346.837886][ T7920] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 346.841291][ T7920] </TASK> [ 347.478955][ T833] IPVS: starting estimator thread 0... [ 347.601293][ T7931] IPVS: using max 23 ests per chain, 55200 per kthread [ 347.607575][ T7935] netlink: 28 bytes leftover after parsing attributes in process `syz.2.632'. [ 347.752664][ T7941] FAULT_INJECTION: forcing a failure. [ 347.752664][ T7941] name failslab, interval 1, probability 0, space 0, times 0 [ 347.758244][ T7941] CPU: 0 UID: 0 PID: 7941 Comm: syz.0.635 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0 [ 347.761873][ T7940] Invalid ELF header type: 0 != 1 [ 347.762622][ T7941] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 347.762646][ T7941] Call Trace: [ 347.762653][ T7941] <TASK> [ 347.762660][ T7941] dump_stack_lvl+0x16c/0x1f0 [ 347.774145][ T7941] should_fail_ex+0x497/0x5b0 [ 347.775963][ T7941] ? fs_reclaim_acquire+0xae/0x160 [ 347.775984][ T7941] should_failslab+0xc2/0x120 [ 347.775997][ T7941] __kmalloc_noprof+0xcb/0x410 [ 347.776008][ T7941] ? __pfx_lock_acquire+0x10/0x10 [ 347.784586][ T7941] tomoyo_realpath_from_path+0xbf/0x710 [ 347.786954][ T7941] ? tomoyo_profile+0x47/0x60 [ 347.798904][ T7941] tomoyo_path_number_perm+0x245/0x5b0 [ 347.801072][ T7941] ? tomoyo_path_number_perm+0x232/0x5b0 [ 347.802972][ T7941] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 347.805389][ T7941] ? __pfx_lock_release+0x10/0x10 [ 347.807060][ T7941] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 347.809250][ T7941] ? __fget_files+0x256/0x400 [ 347.810847][ T7941] security_file_ioctl_compat+0x75/0xc0 [ 347.812658][ T7941] __do_compat_sys_ioctl+0x5d/0x330 [ 347.814570][ T7941] __do_fast_syscall_32+0x73/0x120 [ 347.816671][ T7941] do_fast_syscall_32+0x32/0x80 [ 347.818578][ T7941] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 347.821286][ T7941] RIP: 0023:0xf739e579 [ 347.822824][ T7941] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 347.830490][ T7941] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 347.833893][ T7941] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000040086602 [ 347.837200][ T7941] RDX: 0000000020001100 RSI: 0000000000000000 RDI: 0000000000000000 [ 347.840564][ T7941] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 347.843642][ T7941] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 347.846786][ T7941] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 347.849525][ T7941] </TASK> [ 347.886543][ T7941] ERROR: Out of memory at tomoyo_realpath_from_path. [ 348.244162][ T7957] FAULT_INJECTION: forcing a failure. [ 348.244162][ T7957] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 348.250824][ T7957] CPU: 3 UID: 0 PID: 7957 Comm: syz.0.639 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0 [ 348.255368][ T7957] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 348.260225][ T7957] Call Trace: [ 348.261694][ T7957] <TASK> [ 348.262968][ T7957] dump_stack_lvl+0x16c/0x1f0 [ 348.265587][ T7957] should_fail_ex+0x497/0x5b0 [ 348.267501][ T7957] ? page_copy_sane+0xcd/0x2d0 [ 348.269471][ T7957] copy_page_from_iter_atomic+0x24c/0xfe0 [ 348.271685][ T7957] ? ext4_da_write_begin+0x221/0x8f0 [ 348.274335][ T7957] ? __pfx_copy_page_from_iter_atomic+0x10/0x10 [ 348.277076][ T7957] ? __pfx_ext4_da_write_begin+0x10/0x10 [ 348.279495][ T7957] generic_perform_write+0x53d/0xaa0 [ 348.282272][ T7957] ? __pfx_generic_perform_write+0x10/0x10 [ 348.284818][ T7957] ? down_write+0x14e/0x200 [ 348.286541][ T7957] ext4_buffered_write_iter+0x11f/0x3d0 [ 348.288701][ T7957] ? __lock_acquire+0xbdd/0x3cb0 [ 348.290638][ T7957] ext4_file_write_iter+0x874/0x1a40 [ 348.292536][ T7957] ? __pfx_lock_acquire+0x10/0x10 [ 348.294370][ T7957] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 348.296267][ T7957] vfs_write+0x6b6/0x1140 [ 348.298019][ T7957] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 348.300640][ T7957] ? __pfx_vfs_write+0x10/0x10 [ 348.303103][ T7957] ? __mutex_unlock_slowpath+0x164/0x650 [ 348.306008][ T7957] ksys_pwrite64+0x176/0x1a0 [ 348.308182][ T7957] ? __pfx_ksys_pwrite64+0x10/0x10 [ 348.310334][ T7957] __do_fast_syscall_32+0x73/0x120 [ 348.312626][ T7957] do_fast_syscall_32+0x32/0x80 [ 348.314746][ T7957] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 348.317235][ T7957] RIP: 0023:0xf739e579 [ 348.318960][ T7957] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 348.329369][ T7957] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 00000000000000b5 [ 348.333463][ T7957] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000200 [ 348.338307][ T7957] RDX: 000000000000fdef RSI: 0000000000e00001 RDI: 0000000000000000 [ 348.342349][ T7957] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 348.345821][ T7957] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 348.349529][ T7957] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 348.353753][ T7957] </TASK> [ 348.355159][ C3] vkms_vblank_simulate: vblank timer overrun [ 348.833608][ T7976] FAULT_INJECTION: forcing a failure. [ 348.833608][ T7976] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 348.851091][ T7976] CPU: 2 UID: 0 PID: 7976 Comm: syz.1.645 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0 [ 348.855676][ T7976] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 348.860332][ T7976] Call Trace: [ 348.861826][ T7976] <TASK> [ 348.863148][ T7976] dump_stack_lvl+0x16c/0x1f0 [ 348.865232][ T7976] should_fail_ex+0x497/0x5b0 [ 348.867349][ T7976] ? fs_reclaim_acquire+0xae/0x160 [ 348.869641][ T7976] should_fail_alloc_page+0xe7/0x130 [ 348.871949][ T7976] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 348.874673][ T7976] ? hlock_class+0x4e/0x130 [ 348.876308][ T7976] __alloc_pages_noprof+0x194/0x2460 [ 348.878124][ T7976] ? __pfx_mark_lock+0x10/0x10 [ 348.879937][ T7976] ? hlock_class+0x4e/0x130 [ 348.881927][ T7976] ? mark_lock+0xb5/0xc60 [ 348.883833][ T7976] ? __kernel_text_address+0xd/0x40 [ 348.886264][ T7976] ? hlock_class+0x4e/0x130 [ 348.888261][ T7976] ? __lock_acquire+0xbdd/0x3cb0 [ 348.890232][ T7976] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 348.892747][ T7976] ? __pfx___lock_acquire+0x10/0x10 [ 348.895058][ T7976] ? __pfx_mark_lock+0x10/0x10 [ 348.897206][ T7976] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 348.899835][ T7976] ? policy_nodemask+0xea/0x4e0 [ 348.902020][ T7976] alloc_pages_mpol_noprof+0x275/0x610 [ 348.904408][ T7976] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 348.907033][ T7976] ? find_held_lock+0x2d/0x110 [ 348.909168][ T7976] folio_alloc_mpol_noprof+0x36/0xd0 [ 348.911282][ T7976] vma_alloc_folio_noprof+0xee/0x1b0 [ 348.913538][ T7976] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 348.916144][ T7976] ? lock_vma_under_rcu+0x1e2/0x8f0 [ 348.918436][ T7976] ? lock_vma_under_rcu+0x1e2/0x8f0 [ 348.920725][ T7976] __handle_mm_fault+0x2cf6/0x5400 [ 348.922973][ T7976] ? down_read_trylock+0x1ed/0x3f0 [ 348.925094][ T7976] ? lock_vma_under_rcu+0x1e2/0x8f0 [ 348.927310][ T7976] ? __pfx___handle_mm_fault+0x10/0x10 [ 348.929473][ T7976] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 348.931655][ T7976] handle_mm_fault+0x498/0xa60 [ 348.933536][ T7976] ? spurious_kernel_fault+0x361/0x3c0 [ 348.935282][ T7976] do_user_addr_fault+0x60d/0x13f0 [ 348.937234][ T7976] exc_page_fault+0x5c/0xc0 [ 348.939001][ T7976] asm_exc_page_fault+0x26/0x30 [ 348.940922][ T7976] RIP: 0023:0xf7275610 [ 348.942769][ T7976] Code: 20 00 00 65 8b 15 14 00 00 00 89 94 24 cc 20 00 00 8b 56 68 85 d2 0f 85 46 01 00 00 c7 46 68 ff ff ff ff 8d 94 24 cc 00 00 00 <89> b4 24 bc 00 00 00 89 54 24 38 89 54 24 34 8d 94 24 cc 20 00 00 [ 348.950808][ T7976] RSP: 002b:00000000f57544a0 EFLAGS: 00010246 [ 348.953210][ T7976] RAX: 00000000f731e5bc RBX: 00000000f744fff4 RCX: 00000000f57565d4 [ 348.956281][ T7976] RDX: 00000000f575456c RSI: 00000000f7456240 RDI: 0000000000000009 [ 348.959621][ T7976] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 348.963005][ T7976] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 348.966464][ T7976] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 348.969843][ T7976] </TASK> [ 348.996820][ T7976] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 349.756098][ T7983] xt_connbytes: Forcing CT accounting to be enabled [ 349.760718][ T7985] batadv_slave_0: entered promiscuous mode [ 349.766268][ T7983] Cannot find del_set index 0 as target [ 349.813942][ T7983] batadv_slave_0: left promiscuous mode [ 351.208635][ T8] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 351.221217][ T8018] netlink: 8 bytes leftover after parsing attributes in process `syz.3.657'. [ 351.409331][ T8023] netlink: 48 bytes leftover after parsing attributes in process `syz.2.658'. [ 351.413218][ T8023] netlink: 24 bytes leftover after parsing attributes in process `syz.2.658'. [ 351.428515][ T8022] netlink: 44 bytes leftover after parsing attributes in process `syz.3.659'. [ 351.460459][ T8] usb 6-1: Using ep0 maxpacket: 32 [ 351.465359][ T8] usb 6-1: config index 0 descriptor too short (expected 156, got 27) [ 351.469856][ T8] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 351.474871][ T8] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 351.481184][ T8] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid wMaxPacketSize 0 [ 351.488570][ T8] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 351.494559][ T8] usb 6-1: config 0 interface 0 has no altsetting 0 [ 351.503289][ T8] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 351.507390][ T8] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 351.512049][ T8] usb 6-1: Product: syz [ 351.513953][ T8] usb 6-1: Manufacturer: syz [ 351.514423][ T8023] netlink: 8 bytes leftover after parsing attributes in process `syz.2.658'. [ 351.515950][ T8] usb 6-1: SerialNumber: syz [ 351.524783][ T8] usb 6-1: config 0 descriptor?? [ 351.546206][ T8] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 351.548573][ T8023] netlink: 8 bytes leftover after parsing attributes in process `syz.2.658'. [ 351.552091][ T8] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 351.753776][ T8009] ldusb 6-1:0.0: Couldn't submit interrupt_in_urb -90 [ 351.787737][ T8025] ptrace attach of "/syz-executor exec"[7243] was attempted by ""[8025] [ 351.822642][ T5505] usb 6-1: USB disconnect, device number 9 [ 351.826071][ T5505] ldusb 6-1:0.0: LD USB Device #0 now disconnected [ 354.071830][ T8049] netlink: 'syz.2.668': attribute type 8 has an invalid length. [ 354.077405][ T8049] netlink: 161700 bytes leftover after parsing attributes in process `syz.2.668'. [ 354.218966][ T8051] openvswitch: netlink: Key 0 has unexpected len 4 expected 0 [ 354.292982][ T5366] Bluetooth: hci9: unexpected event for opcode 0x1003 [ 354.305693][ T8054] fuse: Bad value for 'user_id' [ 354.316163][ T8054] fuse: Bad value for 'user_id' [ 354.395754][ T8054] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 354.828657][ T35] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 355.012766][ T35] usb 6-1: Using ep0 maxpacket: 32 [ 355.033722][ T35] usb 6-1: config index 0 descriptor too short (expected 156, got 27) [ 355.043345][ T35] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 355.047736][ T35] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 355.052642][ T35] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid wMaxPacketSize 0 [ 355.056686][ T35] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 355.062514][ T35] usb 6-1: config 0 interface 0 has no altsetting 0 [ 355.072334][ T35] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 355.076105][ T35] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 355.082898][ T35] usb 6-1: Product: syz [ 355.084649][ T35] usb 6-1: Manufacturer: syz [ 355.087016][ T35] usb 6-1: SerialNumber: syz [ 355.098090][ T35] usb 6-1: config 0 descriptor?? [ 355.109285][ T35] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 355.134671][ T35] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 355.342075][ T8056] ldusb 6-1:0.0: Couldn't submit interrupt_in_urb -90 [ 355.363953][ T35] usb 6-1: USB disconnect, device number 10 [ 355.379240][ T35] ldusb 6-1:0.0: LD USB Device #0 now disconnected [ 356.137075][ T8073] netlink: 64 bytes leftover after parsing attributes in process `syz.1.676'. [ 356.466882][ T8077] input: syz0 as /devices/virtual/input/input10 [ 356.536326][ T8027] udevd[8027]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory [ 357.021998][ T8079] FAULT_INJECTION: forcing a failure. [ 357.021998][ T8079] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 357.027625][ T8079] CPU: 3 UID: 0 PID: 8079 Comm: syz.0.678 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0 [ 357.032161][ T8079] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 357.036784][ T8079] Call Trace: [ 357.038282][ T8079] <TASK> [ 357.039576][ T8079] dump_stack_lvl+0x16c/0x1f0 [ 357.041645][ T8079] should_fail_ex+0x497/0x5b0 [ 357.043684][ T8079] _copy_from_user+0x30/0xf0 [ 357.045737][ T8079] get_compat_msghdr+0xa8/0x170 [ 357.047905][ T8079] ? __pfx_get_compat_msghdr+0x10/0x10 [ 357.050332][ T8079] ? __pfx___lock_acquire+0x10/0x10 [ 357.052648][ T8079] ___sys_sendmsg+0x1b0/0x1e0 [ 357.054782][ T8079] ? __pfx____sys_sendmsg+0x10/0x10 [ 357.057028][ T8079] ? ksys_write+0x21c/0x260 [ 357.059037][ T8079] ? __fget_light+0x173/0x210 [ 357.061108][ T8079] __sys_sendmsg+0x117/0x1f0 [ 357.063177][ T8079] ? __pfx___sys_sendmsg+0x10/0x10 [ 357.065455][ T8079] __do_fast_syscall_32+0x73/0x120 [ 357.067699][ T8079] do_fast_syscall_32+0x32/0x80 [ 357.069857][ T8079] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 357.072613][ T8079] RIP: 0023:0xf739e579 [ 357.074408][ T8079] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 357.082551][ T8079] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 357.086157][ T8079] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020006040 [ 357.089591][ T8079] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 357.093069][ T8079] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 357.096528][ T8079] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 357.099930][ T8079] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 357.103380][ T8079] </TASK> [ 357.104834][ C3] vkms_vblank_simulate: vblank timer overrun [ 357.299669][ T8083] netlink: 16 bytes leftover after parsing attributes in process `syz.2.680'. [ 358.308972][ T5366] Bluetooth: hci9: Controller not accepting commands anymore: ncmd = 0 [ 358.312572][ T5366] Bluetooth: hci9: Injecting HCI hardware error event [ 358.317758][ T5357] Bluetooth: hci9: hardware error 0x00 [ 360.398683][ T5357] Bluetooth: hci9: Opcode 0x0c03 failed: -110 [ 362.253737][ T8121] syz.1.692[8121] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 362.253974][ T8121] syz.1.692[8121] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 362.293402][ T8120] FAULT_INJECTION: forcing a failure. [ 362.293402][ T8120] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 362.293494][ T8120] [ 362.293498][ T8120] ====================================================== [ 362.293503][ T8120] WARNING: possible circular locking dependency detected [ 362.293515][ T8120] 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0 Not tainted [ 362.293524][ T8120] ------------------------------------------------------ [ 362.293529][ T8120] syz.3.693/8120 is trying to acquire lock: [ 362.293536][ T8120] ffffffff8dda75d8 ((console_sem).lock){-.-.}-{2:2}, at: down_trylock+0x12/0x70 [ 362.293580][ T8120] [ 362.293580][ T8120] but task is already holding lock: [ 362.293584][ T8120] ffff88802b83edd8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130 [ 362.293622][ T8120] [ 362.293622][ T8120] which lock already depends on the new lock. [ 362.293622][ T8120] [ 362.293627][ T8120] [ 362.293627][ T8120] the existing dependency chain (in reverse order) is: [ 362.293631][ T8120] [ 362.293631][ T8120] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 362.293648][ T8120] _raw_spin_lock_nested+0x31/0x40 [ 362.293666][ T8120] raw_spin_rq_lock_nested+0x29/0x130 [ 362.293685][ T8120] task_fork_fair+0x73/0x250 [ 362.293701][ T8120] sched_cgroup_fork+0x3cf/0x510 [ 362.293715][ T8120] copy_process+0x4710/0x6f50 [ 362.293730][ T8120] kernel_clone+0xfd/0x960 [ 362.293746][ T8120] user_mode_thread+0xb4/0xf0 [ 362.293761][ T8120] rest_init+0x23/0x2b0 [ 362.293773][ T8120] start_kernel+0x3df/0x4c0 [ 362.293792][ T8120] x86_64_start_reservations+0x18/0x30 [ 362.293812][ T8120] x86_64_start_kernel+0xb2/0xc0 [ 362.293830][ T8120] common_startup_64+0x13e/0x148 [ 362.293844][ T8120] [ 362.293844][ T8120] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 362.293861][ T8120] _raw_spin_lock_irqsave+0x3a/0x60 [ 362.293877][ T8120] try_to_wake_up+0x9a/0x13e0 [ 362.293896][ T8120] up+0x79/0xb0 [ 362.293915][ T8120] console_unlock+0x23e/0x290 [ 362.293937][ T8120] vga_remove_vgacon+0x90/0xd0 [ 362.293954][ T8120] aperture_remove_conflicting_pci_devices+0x16a/0x1e0 [ 362.293979][ T8120] bochs_pci_probe+0x101/0x1150 [ 362.294000][ T8120] local_pci_probe+0xde/0x1b0 [ 362.294021][ T8120] pci_device_probe+0x29d/0x7b0 [ 362.294042][ T8120] really_probe+0x23e/0xa90 [ 362.294063][ T8120] __driver_probe_device+0x1de/0x440 [ 362.294076][ T8120] driver_probe_device+0x4c/0x1b0 [ 362.294089][ T8120] __driver_attach+0x283/0x580 [ 362.294101][ T8120] bus_for_each_dev+0x13c/0x1d0 [ 362.294119][ T8120] bus_add_driver+0x2e9/0x690 [ 362.294139][ T8120] driver_register+0x15c/0x4b0 [ 362.294153][ T8120] bochs_pci_driver_init+0x67/0x80 [ 362.294173][ T8120] do_one_initcall+0x128/0x630 [ 362.294192][ T8120] kernel_init_freeable+0x660/0xc50 [ 362.294211][ T8120] kernel_init+0x1c/0x2b0 [ 362.294223][ T8120] ret_from_fork+0x45/0x80 [ 362.294261][ T8120] ret_from_fork_asm+0x1a/0x30 [ 362.294282][ T8120] [ 362.294282][ T8120] -> #0 ((console_sem).lock){-.-.}-{2:2}: [ 362.294299][ T8120] __lock_acquire+0x24ed/0x3cb0 [ 362.294318][ T8120] lock_acquire+0x1b1/0x560 [ 362.294335][ T8120] _raw_spin_lock_irqsave+0x3a/0x60 [ 362.294351][ T8120] down_trylock+0x12/0x70 [ 362.294371][ T8120] __down_trylock_console_sem+0x40/0x140 [ 362.294391][ T8120] vprintk_emit+0x3d3/0x600 [ 362.294403][ T8120] vprintk+0x7f/0xa0 [ 362.294416][ T8120] _printk+0xc8/0x100 [ 362.294432][ T8120] should_fail_ex+0x46c/0x5b0 [ 362.294448][ T8120] copy_to_user_nofault+0x9f/0x1a0 [ 362.294485][ T8120] bpf_probe_write_user+0xaf/0xf0 [ 362.294498][ T8120] bpf_prog_c7763bb3f68e5cb3+0x40/0x42 [ 362.294513][ T8120] bpf_trace_run4+0x245/0x5a0 [ 362.294529][ T8120] __traceiter_sched_switch+0x6c/0xc0 [ 362.294550][ T8120] __schedule+0x17cf/0x5490 [ 362.294566][ T8120] preempt_schedule_common+0x44/0xc0 [ 362.294585][ T8120] preempt_schedule_thunk+0x1a/0x30 [ 362.294598][ T8120] unwind_next_frame+0x1c90/0x23a0 [ 362.294612][ T8120] arch_stack_walk+0x100/0x170 [ 362.294626][ T8120] stack_trace_save+0x95/0xd0 [ 362.294641][ T8120] kasan_save_stack+0x33/0x60 [ 362.294655][ T8120] kasan_save_track+0x14/0x30 [ 362.294667][ T8120] __kasan_kmalloc+0xaa/0xb0 [ 362.294678][ T8120] rtnl_newlink+0x49/0xa0 [ 362.294695][ T8120] rtnetlink_rcv_msg+0x3c7/0xea0 [ 362.294709][ T8120] netlink_rcv_skb+0x165/0x410 [ 362.294728][ T8120] netlink_unicast+0x53c/0x7f0 [ 362.294746][ T8120] netlink_sendmsg+0x8b8/0xd70 [ 362.294764][ T8120] ____sys_sendmsg+0x9b4/0xb50 [ 362.294777][ T8120] ___sys_sendmsg+0x135/0x1e0 [ 362.294794][ T8120] __sys_sendmsg+0x117/0x1f0 [ 362.294811][ T8120] __do_fast_syscall_32+0x73/0x120 [ 362.294828][ T8120] do_fast_syscall_32+0x32/0x80 [ 362.294848][ T8120] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 362.294866][ T8120] [ 362.294866][ T8120] other info that might help us debug this: [ 362.294866][ T8120] [ 362.294870][ T8120] Chain exists of: [ 362.294870][ T8120] (console_sem).lock --> &p->pi_lock --> &rq->__lock [ 362.294870][ T8120] [ 362.294889][ T8120] Possible unsafe locking scenario: [ 362.294889][ T8120] [ 362.294893][ T8120] CPU0 CPU1 [ 362.294896][ T8120] ---- ---- [ 362.294900][ T8120] lock(&rq->__lock); [ 362.294907][ T8120] lock(&p->pi_lock); [ 362.294916][ T8120] lock(&rq->__lock); [ 362.294924][ T8120] lock((console_sem).lock); [ 362.294931][ T8120] [ 362.294931][ T8120] *** DEADLOCK *** [ 362.294931][ T8120] [ 362.294934][ T8120] 3 locks held by syz.3.693/8120: [ 362.294943][ T8120] #0: ffffffff8fa17fa8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x372/0xea0 [ 362.294978][ T8120] #1: ffff88802b83edd8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130 [ 362.295016][ T8120] #2: ffffffff8ddb94a0 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run4+0x1d6/0x5a0 [ 362.295049][ T8120] [ 362.295049][ T8120] stack backtrace: [ 362.295054][ T8120] CPU: 3 UID: 0 PID: 8120 Comm: syz.3.693 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0 [ 362.295071][ T8120] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 362.295080][ T8120] Call Trace: [ 362.295086][ T8120] <TASK> [ 362.295092][ T8120] dump_stack_lvl+0x116/0x1f0 [ 362.295110][ T8120] check_noncircular+0x31a/0x400 [ 362.295131][ T8120] ? __pfx_check_noncircular+0x10/0x10 [ 362.295150][ T8120] ? __pfx__prb_read_valid+0x10/0x10 [ 362.295167][ T8120] ? __pfx_format_decode+0x10/0x10 [ 362.295190][ T8120] ? lockdep_lock+0xc6/0x200 [ 362.295206][ T8120] ? __pfx_lockdep_lock+0x10/0x10 [ 362.295221][ T8120] ? vsnprintf+0x40f/0x1870 [ 362.295245][ T8120] __lock_acquire+0x24ed/0x3cb0 [ 362.295268][ T8120] ? __pfx___lock_acquire+0x10/0x10 [ 362.295287][ T8120] ? vprintk_store+0x222/0xbb0 [ 362.295310][ T8120] lock_acquire+0x1b1/0x560 [ 362.295329][ T8120] ? down_trylock+0x12/0x70 [ 362.295351][ T8120] ? __pfx_lock_acquire+0x10/0x10 [ 362.295372][ T8120] ? hlock_class+0x4e/0x130 [ 362.295389][ T8120] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 362.295410][ T8120] ? vprintk+0x7f/0xa0 [ 362.295425][ T8120] _raw_spin_lock_irqsave+0x3a/0x60 [ 362.295443][ T8120] ? down_trylock+0x12/0x70 [ 362.295464][ T8120] down_trylock+0x12/0x70 [ 362.295487][ T8120] __down_trylock_console_sem+0x40/0x140 [ 362.295516][ T8120] vprintk_emit+0x3d3/0x600 [ 362.295533][ T8120] vprintk+0x7f/0xa0 [ 362.295549][ T8120] _printk+0xc8/0x100 [ 362.295569][ T8120] ? __pfx__printk+0x10/0x10 [ 362.295589][ T8120] ? map_id_up+0x282/0x370 [ 362.295613][ T8120] ? ___ratelimit+0x24c/0x580 [ 362.295637][ T8120] ? __pfx_map_id_up+0x10/0x10 [ 362.295659][ T8120] ? __pfx____ratelimit+0x10/0x10 [ 362.295687][ T8120] should_fail_ex+0x46c/0x5b0 [ 362.295707][ T8120] copy_to_user_nofault+0x9f/0x1a0 [ 362.295729][ T8120] bpf_probe_write_user+0xaf/0xf0 [ 362.295746][ T8120] bpf_prog_c7763bb3f68e5cb3+0x40/0x42 [ 362.295758][ T8120] bpf_trace_run4+0x245/0x5a0 [ 362.295778][ T8120] ? __pfx_bpf_trace_run4+0x10/0x10 [ 362.295799][ T8120] ? tracing_record_taskinfo_sched_switch+0x54/0x400 [ 362.295823][ T8120] __traceiter_sched_switch+0x6c/0xc0 [ 362.295847][ T8120] __schedule+0x17cf/0x5490 [ 362.295866][ T8120] ? is_bpf_text_address+0x8a/0x1a0 [ 362.295885][ T8120] ? __pfx_lock_release+0x10/0x10 [ 362.295906][ T8120] ? stack_access_ok+0xf9/0x270 [ 362.295920][ T8120] ? __module_address+0x55/0x3c0 [ 362.295945][ T8120] ? __pfx___schedule+0x10/0x10 [ 362.295965][ T8120] ? mark_held_locks+0x9f/0xe0 [ 362.295990][ T8120] ? preempt_schedule_thunk+0x1a/0x30 [ 362.296007][ T8120] preempt_schedule_common+0x44/0xc0 [ 362.296028][ T8120] preempt_schedule_thunk+0x1a/0x30 [ 362.296045][ T8120] ? unwind_next_frame+0x11ff/0x23a0 [ 362.296060][ T8120] ? unwind_next_frame+0x1c8b/0x23a0 [ 362.296075][ T8120] unwind_next_frame+0x1c90/0x23a0 [ 362.296091][ T8120] ? __sys_sendmsg+0x117/0x1f0 [ 362.296115][ T8120] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 362.296133][ T8120] arch_stack_walk+0x100/0x170 [ 362.296152][ T8120] ? __do_fast_syscall_32+0x73/0x120 [ 362.296176][ T8120] stack_trace_save+0x95/0xd0 [ 362.296193][ T8120] ? __pfx_stack_trace_save+0x10/0x10 [ 362.296210][ T8120] ? hlock_class+0x4e/0x130 [ 362.296228][ T8120] kasan_save_stack+0x33/0x60 [ 362.296244][ T8120] ? kasan_save_stack+0x33/0x60 [ 362.296259][ T8120] ? kasan_save_track+0x14/0x30 [ 362.296273][ T8120] ? __kasan_kmalloc+0xaa/0xb0 [ 362.296288][ T8120] ? rtnl_newlink+0x49/0xa0 [ 362.296306][ T8120] ? rtnetlink_rcv_msg+0x3c7/0xea0 [ 362.296324][ T8120] ? netlink_rcv_skb+0x165/0x410 [ 362.296347][ T8120] ? netlink_unicast+0x53c/0x7f0 [ 362.296370][ T8120] ? netlink_sendmsg+0x8b8/0xd70 [ 362.296392][ T8120] ? ____sys_sendmsg+0x9b4/0xb50 [ 362.296407][ T8120] ? ___sys_sendmsg+0x135/0x1e0 [ 362.296427][ T8120] ? __sys_sendmsg+0x117/0x1f0 [ 362.296464][ T8120] kasan_save_track+0x14/0x30 [ 362.296479][ T8120] __kasan_kmalloc+0xaa/0xb0 [ 362.296495][ T8120] rtnl_newlink+0x49/0xa0 [ 362.296519][ T8120] ? __pfx_rtnl_newlink+0x10/0x10 [ 362.296539][ T8120] rtnetlink_rcv_msg+0x3c7/0xea0 [ 362.296558][ T8120] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 362.296577][ T8120] ? __pfx___dev_queue_xmit+0x10/0x10 [ 362.296599][ T8120] netlink_rcv_skb+0x165/0x410 [ 362.296623][ T8120] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 362.296642][ T8120] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 362.296672][ T8120] ? netlink_deliver_tap+0x1ae/0xcf0 [ 362.296697][ T8120] netlink_unicast+0x53c/0x7f0 [ 362.296721][ T8120] ? __pfx_netlink_unicast+0x10/0x10 [ 362.296745][ T8120] ? __phys_addr_symbol+0x30/0x80 [ 362.296760][ T8120] ? __check_object_size+0x497/0x720 [ 362.296783][ T8120] netlink_sendmsg+0x8b8/0xd70 [ 362.296806][ T8120] ? __pfx_netlink_sendmsg+0x10/0x10 [ 362.296828][ T8120] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 362.296852][ T8120] ____sys_sendmsg+0x9b4/0xb50 [ 362.296867][ T8120] ? __pfx_____sys_sendmsg+0x10/0x10 [ 362.296882][ T8120] ? get_compat_msghdr+0x11b/0x170 [ 362.296905][ T8120] ? __pfx___lock_acquire+0x10/0x10 [ 362.296925][ T8120] ___sys_sendmsg+0x135/0x1e0 [ 362.296947][ T8120] ? __pfx____sys_sendmsg+0x10/0x10 [ 362.296973][ T8120] ? ksys_write+0x21c/0x260 [ 362.296997][ T8120] ? __fget_light+0x173/0x210 [ 362.297017][ T8120] __sys_sendmsg+0x117/0x1f0 [ 362.297038][ T8120] ? __pfx___sys_sendmsg+0x10/0x10 [ 362.297067][ T8120] __do_fast_syscall_32+0x73/0x120 [ 362.297090][ T8120] do_fast_syscall_32+0x32/0x80 [ 362.297112][ T8120] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 362.297130][ T8120] RIP: 0023:0xf740e579 [ 362.297142][ T8120] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 362.297157][ T8120] RSP: 002b:00000000f570656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 362.297171][ T8120] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000020000600 [ 362.297206][ T8120] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 362.297216][ T8120] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 362.297225][ T8120] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 362.297235][ T8120] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 362.297251][ T8120] </TASK> [ 362.803512][ T8120] CPU: 3 UID: 0 PID: 8120 Comm: syz.3.693 Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a #0 [ 362.807983][ T8120] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 362.812097][ T8120] Call Trace: [ 362.813404][ T8120] <TASK> [ 362.814704][ T8120] dump_stack_lvl+0x116/0x1f0 [ 362.816737][ T8120] should_fail_ex+0x497/0x5b0 [ 362.818865][ T8120] copy_to_user_nofault+0x9f/0x1a0 [ 362.821133][ T8120] bpf_probe_write_user+0xaf/0xf0 [ 362.823399][ T8120] bpf_prog_c7763bb3f68e5cb3+0x40/0x42 [ 362.825818][ T8120] bpf_trace_run4+0x245/0x5a0 [ 362.827863][ T8120] ? __pfx_bpf_trace_run4+0x10/0x10 [ 362.830151][ T8120] ? tracing_record_taskinfo_sched_switch+0x54/0x400 [ 362.833101][ T8120] __traceiter_sched_switch+0x6c/0xc0 [ 362.835500][ T8120] __schedule+0x17cf/0x5490 [ 362.837449][ T8120] ? is_bpf_text_address+0x8a/0x1a0 [ 362.839474][ T8120] ? __pfx_lock_release+0x10/0x10 [ 362.841456][ T8120] ? stack_access_ok+0xf9/0x270 [ 362.843318][ T8120] ? __module_address+0x55/0x3c0 [ 362.846406][ T8120] ? __pfx___schedule+0x10/0x10 [ 362.848538][ T8120] ? mark_held_locks+0x9f/0xe0 [ 362.850676][ T8120] ? preempt_schedule_thunk+0x1a/0x30 [ 362.853028][ T8120] preempt_schedule_common+0x44/0xc0 [ 362.855386][ T8120] preempt_schedule_thunk+0x1a/0x30 [ 362.858143][ T8120] ? unwind_next_frame+0x11ff/0x23a0 [ 362.860971][ T8120] ? unwind_next_frame+0x1c8b/0x23a0 [ 362.863315][ T8120] unwind_next_frame+0x1c90/0x23a0 [ 362.865643][ T8120] ? __sys_sendmsg+0x117/0x1f0 [ 362.867756][ T8120] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 362.870470][ T8120] arch_stack_walk+0x100/0x170 [ 362.872611][ T8120] ? __do_fast_syscall_32+0x73/0x120 [ 362.874950][ T8120] stack_trace_save+0x95/0xd0 [ 362.877031][ T8120] ? __pfx_stack_trace_save+0x10/0x10 [ 362.879415][ T8120] ? hlock_class+0x4e/0x130 [ 362.882491][ T8120] kasan_save_stack+0x33/0x60 [ 362.884581][ T8120] ? kasan_save_stack+0x33/0x60 [ 362.886674][ T8120] ? kasan_save_track+0x14/0x30 [ 362.888833][ T8120] ? __kasan_kmalloc+0xaa/0xb0 [ 362.890934][ T8120] ? rtnl_newlink+0x49/0xa0 [ 362.892964][ T8120] ? rtnetlink_rcv_msg+0x3c7/0xea0 [ 362.895350][ T8120] ? netlink_rcv_skb+0x165/0x410 [ 362.897568][ T8120] ? netlink_unicast+0x53c/0x7f0 [ 362.899674][ T8120] ? netlink_sendmsg+0x8b8/0xd70 [ 362.901601][ T8120] ? ____sys_sendmsg+0x9b4/0xb50 [ 362.903178][ T8120] ? ___sys_sendmsg+0x135/0x1e0 [ 362.904732][ T8120] ? __sys_sendmsg+0x117/0x1f0 [ 362.906548][ T8120] kasan_save_track+0x14/0x30 [ 362.908293][ T8120] __kasan_kmalloc+0xaa/0xb0 [ 362.910095][ T8120] rtnl_newlink+0x49/0xa0 [ 362.911546][ T8120] ? __pfx_rtnl_newlink+0x10/0x10 [ 362.913252][ T8120] rtnetlink_rcv_msg+0x3c7/0xea0 [ 362.915197][ T8120] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 362.917490][ T8120] ? __pfx___dev_queue_xmit+0x10/0x10 [ 362.919746][ T8120] netlink_rcv_skb+0x165/0x410 [ 362.921626][ T8120] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 362.924084][ T8120] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 362.926431][ T8120] ? netlink_deliver_tap+0x1ae/0xcf0 [ 362.928761][ T8120] netlink_unicast+0x53c/0x7f0 [ 362.930905][ T8120] ? __pfx_netlink_unicast+0x10/0x10 [ 362.933196][ T8120] ? __phys_addr_symbol+0x30/0x80 [ 362.935380][ T8120] ? __check_object_size+0x497/0x720 [ 362.937606][ T8120] netlink_sendmsg+0x8b8/0xd70 [ 362.939513][ T8120] ? __pfx_netlink_sendmsg+0x10/0x10 [ 362.942118][ T8120] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 362.944413][ T8120] ____sys_sendmsg+0x9b4/0xb50 [ 362.946670][ T8120] ? __pfx_____sys_sendmsg+0x10/0x10 [ 362.948930][ T8120] ? get_compat_msghdr+0x11b/0x170 [ 362.951158][ T8120] ? __pfx___lock_acquire+0x10/0x10 [ 362.953448][ T8120] ___sys_sendmsg+0x135/0x1e0 [ 362.955541][ T8120] ? __pfx____sys_sendmsg+0x10/0x10 [ 362.957799][ T8120] ? ksys_write+0x21c/0x260 [ 362.959716][ T8120] ? __fget_light+0x173/0x210 [ 362.961678][ T8120] __sys_sendmsg+0x117/0x1f0 [ 362.963659][ T8120] ? __pfx___sys_sendmsg+0x10/0x10 [ 362.965816][ T8120] __do_fast_syscall_32+0x73/0x120 [ 362.968003][ T8120] do_fast_syscall_32+0x32/0x80 [ 362.970044][ T8120] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 362.972669][ T8120] RIP: 0023:0xf740e579 [ 362.974435][ T8120] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 362.982198][ T8120] RSP: 002b:00000000f570656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 362.985634][ T8120] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000020000600 [ 362.988531][ T8120] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 362.991671][ T8120] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 362.994734][ T8120] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 362.997775][ T8120] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 363.000789][ T8120] </TASK> [ 363.002209][ C3] vkms_vblank_simulate: vblank timer overrun [ 363.011309][ T8120] netlink: 'syz.3.693': attribute type 10 has an invalid length. [ 363.021986][ T8120] team0: Port device wlan1 added SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 363.278847][ T8123] nbd1: detected capacity change from 0 to 22 [ 363.282981][ T8123] block nbd1: shutting down sockets [ 363.310638][ T51] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 363.314333][ T51] Buffer I/O error on dev nbd1, logical block 0, async page read [ 363.317689][ T7949] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 363.325562][ T7949] Buffer I/O error on dev nbd1, logical block 0, async page read [ 363.332739][ T7949] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 363.336597][ T7949] Buffer I/O error on dev nbd1, logical block 0, async page read [ 363.339883][ T7949] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 363.342905][ T7949] Buffer I/O error on dev nbd1, logical block 0, async page read [ 363.345941][ T7949] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 363.350577][ T7949] Buffer I/O error on dev nbd1, logical block 0, async page read [ 363.355531][ T7949] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 363.359379][ T7949] Buffer I/O error on dev nbd1, logical block 0, async page read [ 363.362207][ T7949] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 363.365936][ T7949] Buffer I/O error on dev nbd1, logical block 0, async page read [ 363.369957][ T7949] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 363.373748][ T7949] Buffer I/O error on dev nbd1, logical block 0, async page read [ 363.376976][ T7949] ldm_validate_partition_table(): Disk read failed. [ 363.380248][ T7949] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 363.384020][ T7949] Buffer I/O error on dev nbd1, logical block 0, async page read [ 363.387038][ T7949] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 363.391995][ T7949] Buffer I/O error on dev nbd1, logical block 0, async page read [ 363.395237][ T7949] Dev nbd1: unable to read RDB block 0 [ 363.397539][ T7949] nbd1: unable to read partition table [ 363.400722][ T7949] nbd1: partition table beyond EOD, truncated [ 363.413018][ T7949] ldm_validate_partition_table(): Disk read failed. [ 363.422895][ T7949] Dev nbd1: unable to read RDB block 0 [ 363.425372][ T7949] nbd1: unable to read partition table [ 363.427862][ T7949] nbd1: partition table beyond EOD, truncated [ 363.791588][ T1104] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 363.915038][ T1104] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 364.016634][ T1104] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 364.046015][ T7259] syz-executor (7259) used greatest stack depth: 19712 bytes left [ 364.107467][ T1104] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 364.245590][ T1104] bridge_slave_1: left allmulticast mode [ 364.247824][ T1104] bridge_slave_1: left promiscuous mode [ 364.252084][ T1104] bridge0: port 2(bridge_slave_1) entered disabled state [ 364.256652][ T1104] bridge_slave_0: left allmulticast mode [ 364.261564][ T1104] bridge_slave_0: left promiscuous mode [ 364.264036][ T1104] bridge0: port 1(bridge_slave_0) entered disabled state [ 364.574411][ T1104] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 364.584291][ T1104] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 364.595007][ T1104] bond0 (unregistering): Released all slaves [ 364.603216][ T1104] bond1 (unregistering): Released all slaves [ 364.686650][ T1104] tipc: Disabling bearer <udp:syz2> [ 364.689721][ T1104] tipc: Left network mode [ 365.046441][ T1104] hsr_slave_0: left promiscuous mode [ 365.050858][ T1104] hsr_slave_1: left promiscuous mode [ 365.054722][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 365.057974][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 365.070284][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 365.073054][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 365.084534][ T1104] veth1_macvtap: left promiscuous mode [ 365.086505][ T1104] veth0_macvtap: left promiscuous mode [ 365.088847][ T1104] veth1_vlan: left promiscuous mode [ 365.090659][ T1104] veth0_vlan: left promiscuous mode [ 365.501492][ T1104] team0 (unregistering): Port device team_slave_1 removed [ 365.560382][ T1104] team0 (unregistering): Port device team_slave_0 removed [ 366.557289][ T1104] IPVS: stop unused estimator thread 0... [ 366.682350][ T1104] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 366.796050][ T1104] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 366.882598][ T1104] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 366.971759][ T1104] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 367.121793][ T1104] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 367.220027][ T1104] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 367.286154][ T1104] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 367.370163][ T1104] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 367.500637][ T1104] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 367.602303][ T1104] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 367.749256][ T1104] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 367.833189][ T1104] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 367.940516][ T1104] bridge_slave_1: left allmulticast mode [ 367.942836][ T1104] bridge_slave_1: left promiscuous mode [ 367.945292][ T1104] bridge0: port 2(bridge_slave_1) entered disabled state [ 367.954089][ T1104] bridge_slave_0: left allmulticast mode [ 367.956621][ T1104] bridge_slave_0: left promiscuous mode [ 367.962256][ T1104] bridge0: port 1(bridge_slave_0) entered disabled state [ 367.973396][ T1104] bridge_slave_1: left allmulticast mode [ 367.975581][ T1104] bridge_slave_1: left promiscuous mode [ 367.981208][ T1104] bridge0: port 2(bridge_slave_1) entered disabled state [ 367.986193][ T1104] bridge_slave_0: left allmulticast mode [ 367.988098][ T1104] bridge_slave_0: left promiscuous mode [ 367.991926][ T1104] bridge0: port 1(bridge_slave_0) entered disabled state [ 367.999822][ T1104] bridge_slave_1: left allmulticast mode [ 368.002057][ T1104] bridge_slave_1: left promiscuous mode [ 368.004370][ T1104] bridge0: port 2(bridge_slave_1) entered disabled state [ 368.011714][ T1104] bridge_slave_0: left allmulticast mode [ 368.013981][ T1104] bridge_slave_0: left promiscuous mode [ 368.016370][ T1104] bridge0: port 1(bridge_slave_0) entered disabled state [ 368.637881][ T1104] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 368.647370][ T1104] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 368.657017][ T1104] bond0 (unregistering): Released all slaves [ 368.685918][ T1104] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 368.694161][ T1104] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 368.704712][ T1104] bond0 (unregistering): Released all slaves [ 368.727886][ T1104] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 368.735620][ T1104] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 368.744349][ T1104] bond0 (unregistering): Released all slaves [ 369.282767][ T1104] team0: Port device wlan1 removed [ 369.693846][ T1104] hsr_slave_0: left promiscuous mode [ 369.698030][ T1104] hsr_slave_1: left promiscuous mode [ 369.702202][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 369.705429][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 369.711080][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 369.714514][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 369.728829][ T1104] hsr_slave_0: left promiscuous mode [ 369.731937][ T1104] hsr_slave_1: left promiscuous mode [ 369.735251][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 369.741622][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 369.746059][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 369.749769][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 369.758261][ T1104] hsr_slave_0: left promiscuous mode [ 369.768116][ T1104] hsr_slave_1: left promiscuous mode [ 369.773769][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 369.776989][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 369.783871][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 369.787081][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 369.798215][ T1104] veth1_macvtap: left promiscuous mode [ 369.801736][ T1104] veth0_macvtap: left promiscuous mode [ 369.804218][ T1104] veth1_vlan: left promiscuous mode [ 369.806465][ T1104] veth0_vlan: left promiscuous mode [ 369.811253][ T1104] veth1_macvtap: left promiscuous mode [ 369.813511][ T1104] veth0_macvtap: left promiscuous mode [ 369.815813][ T1104] veth1_vlan: left promiscuous mode [ 369.818176][ T1104] veth0_vlan: left promiscuous mode [ 369.824378][ T1104] veth1_macvtap: left promiscuous mode [ 369.826849][ T1104] veth0_macvtap: left promiscuous mode [ 369.829336][ T1104] veth1_vlan: left promiscuous mode [ 369.831577][ T1104] veth0_vlan: left promiscuous mode [ 370.540230][ T1104] team0 (unregistering): Port device team_slave_1 removed [ 370.605076][ T1104] team0 (unregistering): Port device team_slave_0 removed [ 371.184266][ T1104] team0 (unregistering): Port device team_slave_1 removed [ 371.265161][ T1104] team0 (unregistering): Port device team_slave_0 removed [ 372.111130][ T1104] team0 (unregistering): Port device team_slave_1 removed [ 372.192571][ T1104] team0 (unregistering): Port device team_slave_0 removed VM DIAGNOSIS: 07:24:47 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=ffffc90004537b60 RCX=0000000000000000 RDX=0000000000000000 RSI=ffffffff84b233a4 RDI=ffffc90004537b60 RBP=ffffffff84b23390 RSP=ffffc90000007f60 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=000000000005d25e R12=0000000000000000 R13=dffffc0000000000 R14=ffffc90004097b20 R15=ffffc90004537b28 RIP=ffffffff84b233cd RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000025016c64 CR3=0000000053096000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000003800000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000003 RBX=ffffc90004097ba0 RCX=1ffffffff202432f RDX=dffffc0000000000 RSI=ffffffff8b4c9540 RDI=ffffffff932020e0 RBP=ffffffff9a28e160 RSP=ffffc90004097a60 R8 =0000000000000002 R9 =0000000000000000 R10=ffffc90004097b60 R11=0000000000000001 R12=ffffffff932020e0 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff81696fb1 RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000025016c64 CR3=00000000623a4000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000087000000000 0000000d00000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=0000000000000003 RCX=ffffffff813be4ae RDX=ffff88801f77c880 RSI=ffffffff813be4cb RDI=0000000000000000 RBP=ffff88802b83edc0 RSP=ffffc90000e1f8d8 R8 =0000000000000000 R9 =0000000000000003 R10=0000000000000003 R11=00000000fe4196ef R12=0000000000000003 R13=0000000000000003 R14=ffff88802b83fc80 R15=ffffed1005707db8 RIP=ffffffff813be4cc RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b800000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000025016c64 CR3=00000000669e6000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84fc2445 RDI=ffffffff9a516640 RBP=ffffffff9a516600 RSP=ffffc90039216a48 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d R12=0000000000000000 R13=0000000000000020 R14=ffffffff84fc23e0 R15=0000000000000000 RIP=ffffffff84fc246f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b900000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000025016c64 CR3=0000000056ea8000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000003800000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000